Terms of Service

Last Updated: February 10, 2026 Effective Date: February 10, 2026

These Terms of Service (“Terms”) govern access to and use of the Constructive platform and related services (“Services”) provided by Interweb, Inc. (“Constructive,” “we,” “us,” or “our”).

By accessing or using the Services, you (“Customer,” “you”) agree to be bound by these Terms.

1. DEFINITIONS

"Platform" means the Constructive software platform, including database tooling, security compilers, RLS enforcement systems, APIs, dashboards, and related infrastructure.

"Customer Application Data" means business data, user records, application content, and other information stored by Customer in database tables provisioned through the Platform. Customer Application Data is owned exclusively by Customer.

"Customer Configuration Data" means schemas, table definitions, DDL inputs, RLS policy configurations, module selections, and other structural or configuration inputs provided by Customer to the Platform.

"Platform Telemetry & System Artifacts" means meta-schema definitions, compiler outputs, abstract syntax trees, transformation logic, system-generated intermediate representations, usage signals, anonymized operational metrics, performance telemetry, and other system-level artifacts generated by the Platform in the course of providing the Services.

"RLS Policies" means Row-Level Security policies, access rules, and permission configurations created or configured by Customer within the Platform.

"Generated Code" means all source code, SQL files, migration files, compiled policies, and other code artifacts created by the Platform, including Exported Code, Platform Code, and Open Client Code. Use of Generated Code is subject to the Constructive License.

"Exported Code" means Generated Code consisting of SQL files, database migration files, and related database artifacts that are exported from the Platform at Customer's direction for use outside the Platform.

"Open Client Code" means Generated Code consisting of TypeScript clients, SDK outputs, React hooks, CLI tools, and other application-layer code generated using Constructive's open-source tooling. Open Client Code is provided under the terms of the applicable open-source license and is not subject to the restrictions in the Constructive License.

"Platform Code" means Generated Code that is created by and remains hosted on the Platform — including compiled RLS policies, internal triggers, transformation outputs, and other server-side artifacts that execute within the Platform infrastructure.

2. PLATFORM LICENSE

Subject to these Terms, Constructive grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Services for Customer’s internal business purposes.

Constructive retains all rights not expressly granted.

3. OWNERSHIP

Customer retains all right, title, and interest in and to Customer Application Data. Constructive acquires no ownership rights in Customer Application Data.

Ownership of the Platform, its underlying intellectual property, and all Generated Code (including Exported Code, Platform Code, and Open Client Code) is governed by the Constructive License.

4. DATA CLASSIFICATION AND USE

4.1 Customer Application Data

Constructive will process Customer Application Data solely to:

  • Provide and operate the Services
  • Execute database queries and enforce configured RLS policies
  • Maintain security, integrity, and backups
  • Provide customer support at Customer's request

Constructive will not:

  • Sell Customer Application Data to third parties
  • Use Customer Application Data for advertising or marketing purposes
  • Use Customer Application Data to train AI or machine learning models unless Customer explicitly opts in under a separate written agreement
  • Disclose Customer Application Data except as required to provide the Services or as compelled by law

4.2 Customer Configuration Data

Customer Configuration Data (schemas, table definitions, DDL inputs, RLS policy configurations, and module selections) is provided by Customer to operate the Platform. Constructive may:

  • Use Customer Configuration Data to provide, maintain, and improve the Services
  • Analyze anonymized and aggregated Customer Configuration Data to improve platform capabilities, identify common schema patterns, and enhance security defaults
  • Use de-identified schema patterns and configuration structures derived from Customer Configuration Data to train AI models for the purpose of improving the Platform

Constructive will not use Customer Configuration Data in identifiable form for purposes unrelated to the Services without Customer's prior written consent.

4.3 Platform Telemetry & System Artifacts

Platform Telemetry & System Artifacts are generated by the Platform and are owned by Constructive. Constructive may use Platform Telemetry & System Artifacts without restriction for:

  • Platform operation, monitoring, and reliability
  • Analytics, benchmarking, and performance optimization
  • Training AI and machine learning models to improve the Platform
  • Developing new features, security templates, and services modules

Platform Telemetry & System Artifacts do not contain Customer Application Data in identifiable form.

5. RLS AND SECURITY RESPONSIBILITIES

Constructive provides secure-by-default primitives to enforce database-level access controls, including RLS enforcement at table creation. However, the Platform does not guarantee correct business logic configuration. Customer controls how security primitives are applied to Customer's specific use case.

Customer is solely responsible for:

  • Selecting and designing appropriate RLS policies for Customer's data and access requirements
  • Ensuring correct configuration of access controls and permissions
  • Reviewing and validating all security settings prior to deployment
  • Verifying compliance with applicable laws and regulations

Constructive is not responsible for data exposure, unauthorized access, or security incidents caused by:

  • Disabled or removed RLS policies
  • Misconfigured or insufficiently restrictive policies
  • Customer-authored SQL, functions, or logic that bypasses or overrides controls
  • Misuse, sharing, or compromise of API credentials or authentication tokens
  • Customer's failure to apply available security updates or recommendations

6. COMPLIANCE AND DATA PROTECTION

6.1 Data Processor Role

Constructive acts as a data processor with respect to Customer Application Data. Customer is the data controller and is responsible for:

  • The lawful collection, processing, and storage of Customer Application Data
  • Determining the legal basis for processing under applicable data protection laws
  • Providing any required notices to, and obtaining any required consents from, data subjects

6.2 Security Controls

Constructive will:

  • Maintain administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of Customer Application Data
  • Maintain controls designed to align with SOC 2 Trust Services Criteria
  • Offer a Data Processing Addendum (DPA) for GDPR, CCPA, and similar data protection frameworks upon request
  • Promptly notify Customer of any confirmed security incident affecting Customer Application Data

Constructive does not represent that it currently holds SOC 2 certification. References to SOC 2 describe the operational standards Constructive targets, not a certification status.

6.3 Regulated Data Restrictions

Unless expressly agreed in writing under an Enterprise Agreement with dedicated compliance terms, Customer shall not store or process through the Platform:

  • HIPAA-regulated Protected Health Information (PHI)
  • PCI DSS-regulated cardholder data
  • Biometric identifiers subject to BIPA or similar statutes
  • Other categories of regulated sensitive data requiring specialized compliance controls

6.4 Enterprise Compliance Enhancements

Customers requiring enhanced compliance capabilities, including support for regulated data, audit rights, data residency commitments, or custom security controls, may obtain such capabilities under a separate Enterprise Agreement or compliance addendum.

7. AI FEATURES

If the Platform includes AI-assisted tooling (including code generation, schema suggestions, or policy recommendations):

  • All AI output is provided "as-is" without warranty of correctness, completeness, or fitness for any particular purpose.
  • Customer is solely responsible for reviewing, testing, and validating all AI-generated code, schemas, or policy configurations before use in any environment.
  • Customer Application Data is not used to train AI models unless Customer explicitly opts in under a separate written agreement.
  • Constructive may use de-identified Customer Configuration Data and Platform Telemetry & System Artifacts to train and improve AI features as described in Section 4.

8. ACCEPTABLE USE

Customer shall not:

  • Reverse engineer the Platform
  • Attempt to extract source code or internal logic
  • Circumvent security controls
  • Resell or provide the Platform as a service bureau
  • Use the Platform in violation of applicable law

9. FEES AND PAYMENT

Fees are set forth in Customer’s Order Form.

All fees are non-refundable unless otherwise stated.

Constructive may suspend Services for non-payment.

10. CONFIDENTIALITY

Each party agrees to maintain confidentiality of the other party’s non-public information.

Customer Application Data and Customer Configuration Data are deemed Confidential Information of Customer.

11. WARRANTIES

The Services are provided “as is” and “as available.”

Constructive disclaims all implied warranties, including merchantability, fitness for a particular purpose, and non-infringement.

Constructive does not guarantee uninterrupted or error-free operation.

12. LIMITATION OF LIABILITY

To the maximum extent permitted by law:

Constructive’s total liability arising out of or relating to the Services shall not exceed the total fees paid by Customer in the twelve (12) months preceding the claim.

Constructive shall not be liable for:

  • Indirect or consequential damages
  • Lost profits
  • Loss of data
  • Business interruption

This limitation does not apply to:

  • Gross negligence
  • Willful misconduct
  • Breach of confidentiality obligations

13. INDEMNIFICATION

Customer agrees to indemnify Constructive against claims arising from:

  • Customer Application Data
  • Customer misuse of the Platform
  • Violation of law
  • Infringement claims arising from Customer materials

14. TERM AND TERMINATION

These Terms remain in effect while Customer uses the Services.

Constructive may suspend or terminate for:

  • Material breach
  • Illegal activity
  • Non-payment

Upon termination, Customer’s access ends immediately.

Customer may request export of Customer Application Data and Exported Code for a limited period after termination. The scope of available exports depends on Customer's subscription tier.

15. GOVERNING LAW

These Terms are governed by the laws of the State of Delaware.

Disputes shall be resolved in Delaware courts.

16. PUBLICITY

Constructive may list Customer’s name and logo as a customer unless Customer opts out in writing.

17. ENTIRE AGREEMENT

These Terms constitute the entire agreement between the parties and supersede prior agreements.

Enterprise Addendum (OPTIONAL)

Enterprise Agreements may include:

  • Dedicated security controls and custom compliance configurations
  • Enhanced audit rights, including third-party audit support
  • Data residency and data sovereignty commitments
  • Custom liability caps and indemnification terms
  • Regulated data support (PHI, PCI, biometric) under separate compliance agreements
  • Explicit "No Model Training" covenant covering Customer Configuration Data in addition to Customer Application Data
  • Custom data retention and deletion schedules