Skip to main content

Legal

Terms of Service

Last updated: 2026-04-27

Working draft — pending legal review. These terms have been adapted from open-source templates and have not yet been reviewed by a licensed attorney. Do not rely on them as legal advice. They will be replaced with a lawyer-reviewed version before public launch. The governing law jurisdiction is a placeholder pending founder and attorney input.

1. Scope

These Terms of Service (“Terms”) govern your use of the XynergiOne website at https://xynergione.tech and any consulting services provided by XynergiOne. By accessing the site or engaging our services, you agree to these Terms.

These Terms apply to website visitors and prospective clients. Actual consulting engagements are governed by a separate engagement agreement signed by both parties, which takes precedence over these Terms where they conflict.

2. Website use

You agree not to:

  • Use the site for any unlawful purpose
  • Attempt to gain unauthorized access to any part of the site or its infrastructure
  • Transmit malicious code, spam, or automated requests in excess of normal use
  • Scrape or harvest data from the site in bulk without our written permission
  • Reproduce, distribute, or create derivative works from our site content without permission

3. Intellectual property

Our content

All content on this website — including text, graphics, methodology descriptions, and code — is owned by XynergiOne or its licensors. You may not reproduce it without our prior written consent, except for personal, non-commercial use.

Deliverables from engagements

Unless otherwise specified in the engagement agreement, deliverables produced during a consulting engagement (reports, automations, documentation, code) belong to the client upon receipt of full payment for that engagement. XynergiOne retains the right to use generalized methodologies and non-client-specific learnings in future work.

4. Warranty disclaimer

THE SITE AND ANY RELATED SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

We do not warrant that the site will be uninterrupted, error-free, or free of viruses or other harmful components. We do not warrant that consulting recommendations will produce any specific business outcome.

5. Limitation of liability

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, XYNERGIONE’S TOTAL LIABILITY TO YOU FOR ANY CLAIM ARISING FROM OR RELATED TO THESE TERMS OR OUR SERVICES SHALL NOT EXCEED THE TOTAL FEES PAID BY YOU TO XYNERGIONE IN THE THREE (3) MONTHS PRECEDING THE CLAIM.

IN NO EVENT SHALL XYNERGIONE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

6. Governing law and jurisdiction

[PLACEHOLDER — pending founder/attorney confirmation] These Terms shall be governed by and construed in accordance with the laws of [State], United States, without regard to its conflict of law provisions. Any dispute arising from these Terms shall be subject to the exclusive jurisdiction of the courts located in [County, State].

7. Termination

We reserve the right to terminate or suspend access to the site for any user who violates these Terms, without prior notice. Provisions of these Terms that by their nature should survive termination (including warranty disclaimers, indemnification, and limitations of liability) shall survive.

8. Third-party links

The site may contain links to third-party websites. We are not responsible for the content, privacy practices, or security of those sites. Links do not imply endorsement.

9. Changes to these Terms

We may update these Terms from time to time. Material changes will be noted with an updated “Last updated” date. Continued use of the site after changes constitutes acceptance of the revised Terms.

10. Contact

Questions about these Terms: inquiry@xynergione.tech

11. Security & data handling

Plain-language detail on what data we touch, where it lives, how long we keep it, and our honest compliance status.

Data we touch during an engagement

During a typical engagement we may receive or generate the following:

  • Business process documentation you share with us (PDFs, slides, spreadsheets, SOPs)
  • Access credentials for the specific tools we are helping you assess or automate, scoped to the minimum required and revoked at engagement close
  • Sample datasets you provide for workflow testing; we request anonymized or synthetic data wherever possible
  • Notes, interview summaries, and deliverable drafts created during the engagement

We do not request access to customer PII databases, payment processing systems, or production environments unless the engagement specifically requires it, and only with your written authorization.

Where it lives

Data typeWhere it lives
Files you shareTransferred via encrypted channels (email TLS or shared folder you designate); working copies on consultant workstations encrypted at rest
DeliverablesDelivered to you and deleted from working storage within 30 days of engagement close
Lead form submissionsSent via Resend (email API) to our inquiry inbox; no third-party CRM or marketing platform
Website analyticsPlausible Analytics: cookieless, no PII collected, data hosted in the EU by Plausible

How long we keep it

  • Engagement working files: deleted within 30 days of engagement close unless the engagement agreement specifies otherwise.
  • Lead inquiry records (name, email, message): retained for 24 months. You may request deletion at any time at inquiry@xynergione.tech.
  • Invoices and financial records: retained for 7 years as required by U.S. tax law.
  • Website analytics: Plausible retains aggregate (non-PII) stats; no personal data is stored.

AI tools we use internally

We use AI tools in our work and are transparent about this because you deserve to know what your data touches. We do not feed identifiable client data (names, credentials, raw business records) into AI tools without your explicit acknowledgment.

ToolPurposeData shared
Claude (Anthropic)Drafting, research synthesis, code reviewOnly content you explicitly share with us for that purpose
ChatGPT / GPT-4 (OpenAI)Secondary drafting and analysisSame policy as above
NotionInternal project notesAnonymized references only; no raw client data stored long-term

Sub-contractors

Currently: none.All engagement work is performed directly by XynergiOne’s founder. If a sub-contractor is engaged in the future, clients will be notified prior to any data being shared.

Incident response

If we discover a security incident affecting your data:

  1. We will notify you by email within 72 hours of discovering the incident.
  2. We will describe what data was involved, the likely cause, and the steps we are taking to contain it.
  3. We will provide a written incident summary within 7 days.

To report a concern: security@xynergione.tech

Compliance status

We are a small, focused consultancy. Here is an honest accounting of where we stand:

What we have:

  • This public security policy, reviewed quarterly
  • Encrypted-at-rest workstations
  • MFA on all tooling with access to client data
  • Principle of least privilege for credential access

What we don't hold yet:

  • SOC 2 (Type I or II): no auditor-signed report
  • ISO 27001 certification: not pursued yet
  • Formal WISP: this policy is the informal equivalent for now

We plan to begin a SOC 2 gap assessment once we have a stable client base that requires it. If compliance certification is a hard requirement for your vendor onboarding, please let us know — we can discuss compensating controls or timeline.

Last updated: 2026-04-27. This policy is reviewed quarterly.