Legal
Terms of Service
Effective date: May 31, 2026. Last updated: June 2, 2026.
1. Agreement to Terms
Black Diamond Labs Inc.(“Black Diamond Labs,” “we,” “our,” or “us”) owns and operates z-gateway. These Terms of Service are a legally binding agreement between you and Black Diamond Labs and govern your access to and use of z-gateway, our runtime governance platform for AI agents available at z-gateway.com.
By creating an account, accepting these Terms, accessing the website or dashboard, or using the Service, you agree to these Terms and our Privacy Policy. If you use the Service on behalf of a company, organization, or team, you represent that you have authority to bind that organization, and “you” includes both you and that organization.
You must be at least 18 years old, or the age of legal majority in your jurisdiction, and able to enter into a binding agreement.
2. Description of Service
z-gateway is a product owned and operated by Black Diamond Labs Inc. The Service is a hosted runtime governance and control platform for AI agent actions routed through z-gateway, including MCP tool-call governance, customer-defined policies, approvals, quotas, usage limits, runtime logs, audit trails, GitHub workflows, and Postgres database workflows.
Tool calls routed through the Service may be evaluated against customer-defined policies before execution. The Service does not intercept traffic that bypasses z-gateway, and it does not replace your responsibility to configure agents, tools, credentials, and production systems safely.
We may change, suspend, or discontinue features with reasonable notice where feasible, except where security, legal, or operational needs require faster action.
We may use third-party infrastructure, monitoring, security, analytics, and diagnostic service providers to operate, protect, debug, and improve the Service.
3. Accounts and Workspaces
You are responsible for providing accurate account information and for all activity under your account, organizations, workspaces, invited users, agents, credentials, and connected infrastructure. Organization owners and admins are responsible for managing workspace members, agents, credentials, connected systems, and permissions.
You must protect account credentials, workspace access, agent credentials, API keys, tokens, and secrets. Notify us promptly at security@z-gateway.com if you know or suspect that an account, workspace, credential, or token has been compromised.
4. Acceptable Use
You may use the Service only lawfully and in accordance with these Terms.
- Do not bypass, disable, or interfere with Service security, authorization, policy, rate-limit, or access-control systems.
- Do not attempt unauthorized access to another customer workspace, account, agent, data, or connected system.
- Do not share credentials with unauthorized parties or use compromised, stolen, or improperly obtained credentials.
- Do not introduce malware, exploit code, credential theft, scraping abuse, excessive load, or denial-of-service activity.
- Do not reverse engineer the Service except to the extent applicable law prohibits this restriction.
- Do not use the Service in violation of privacy, security, export-control, sanctions, anti-corruption, or other applicable laws.
You may report suspected abuse to abuse@z-gateway.com and security issues to security@z-gateway.com.
5. Agent Credentials and Tokens
The Service issues agent credentials and short-lived JWTs for runtime authentication. Agent secret values are displayed once at creation; the Service stores a salted cryptographic hash for verification rather than the plaintext secret.
You must not place agent credentials, API keys, tokens, or secrets in public repositories, client-side code, browser bundles, shared logs, screenshots, or other publicly accessible locations. We may revoke tokens or credentials where needed to protect the Service, your workspace, other customers, or third parties.
6. GitHub Integration
If you connect GitHub, you authorize access by installing or connecting the z-gateway GitHub App and granting the permissions shown by GitHub. You are responsible for choosing the GitHub organizations, repositories, and permissions you grant.
For GitHub actions routed through the Service, z-gateway mints short-lived GitHub installation tokens for the requested operation using the GitHub App model. GitHub API availability, permission changes, rate limits, or platform changes may affect GitHub-related functionality. z-gateway is not GitHub and is not endorsed by GitHub.
7. Database Connectors and Customer Infrastructure
You are responsible for the databases, schemas, credentials, users, roles, permissions, backups, environments, and infrastructure you connect to the Service. Use least-privilege credentials and avoid connecting production databases with overly broad admin credentials unless you intentionally accept that risk.
You must not connect databases, schemas, tables, credentials, or data that you are not authorized to access, process, or expose to AI agent workflows.
When database actions are routed through the Service, z-gateway may evaluate database-related tool calls, query metadata, schema metadata, action intent, SQL previews or hashes, protected-table configuration, risk signals, and related runtime context before execution. The Service stores database connection strings encrypted using server-side connector-secret encryption.
Supported database actions may include schema inspection, bounded read queries, explain plans, write proposals, migration planning, or other connector actions depending on product configuration. z-gateway may block, log, or require approval for routed database actions.
z-gateway is not a transparent Postgres wire proxy and does not intercept database traffic, Prisma traffic, psql sessions, migration tools, application runtime traffic, or queries that bypass the Service.
z-gateway does not guarantee detection, prevention, or reversal of every unsafe query, migration, destructive command, data loss event, schema change, agent action, unauthorized use, or bypass path. You remain responsible for reviewing, testing, approving, backing up, and validating production-impacting database changes and for securing database traffic that bypasses z-gateway.
8. Subscription, Billing, and Payment
Paid features require a subscription. Plans, prices, entitlements, and limits are listed on the pricing page and may change with advance notice. Fees are billed in U.S. dollars in advance on the selected billing interval. Taxes and fees may apply.
Stripe processes payments and billing portal operations. By subscribing, you authorize recurring charges until cancellation. You can cancel or manage billing from the dashboard where available or by contacting billing@z-gateway.com. Unless required by law or expressly agreed in writing, fees are non-refundable and cancellations take effect at the end of the billing period.
Stripe's own terms and privacy policy may apply to payment and billing portal activity. z-gateway does not store full payment card numbers, bank account details, or card security codes.
We may suspend or limit paid features for unpaid invoices, payment failures, suspected fraud, or billing misuse. Plan upgrades, downgrades, renewals, and cancellations are handled according to the billing flow shown in the dashboard and Stripe customer portal.
9. Free Tier Limitations
The Free tier is for evaluation and small-workspace use. Current Free limits include 1 workspace, 2 organization members, 2 agents, 1 protected repository, 1 active database connection, 3,000 runtime tool calls per month, 300 enforce calls per month, 300 total calls per day, 30 enforce calls per day, 7-day logs, and Monitor + enforce access. Current pricing documentation controls if limits differ.
We may change or discontinue the Free tier with reasonable notice where feasible.
10. Intellectual Property
Black Diamond Labs owns or licenses the Service, platform, website, code, design, documentation, marks, and related materials. z-gateway and associated product names, logos, and branding are owned by or licensed to Black Diamond Labs Inc.. You retain ownership of your Customer Data.
You grant Black Diamond Labs a limited license to process Customer Data as needed to provide, secure, support, and improve the Service. Feedback may be used without restriction or compensation.
11. Confidentiality
Each party may receive nonpublic information from the other, including customer data, nonpublic product features, roadmap information, pricing, security information, credentials, and technical materials. Each party must protect the other party's Confidential Information using reasonable care and use it only for purposes related to these Terms, except where disclosure is legally required.
12. Data Processing
Where applicable, you are the controller or business for Customer Data, and Black Diamond Labs acts as a processor or service provider when processing Customer Data on your behalf. You are responsible for lawful instructions, notices, consents, and connected-system use. We may make a Data Processing Addendum available where required upon request at legal@z-gateway.com.
13. Disclaimer of Warranties
THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND.
To the maximum extent permitted by law, Black Diamond Labs disclaims all express, implied, statutory, and other warranties, including merchantability, fitness for a particular purpose, title, and non-infringement. We do not guarantee uninterrupted, error-free, or fully secure operation; that the Service catches or prevents all unsafe, unauthorized, malicious, or production-impacting agent actions; that customer-authored policies are correct; or that the Service satisfies any regulatory or compliance obligation. You remain responsible for agent configuration, connected services, credentials, policy choices, approvals, backups, and actions taken through or outside the Service.
14. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, BLACK DIAMOND LABS AND ITS SERVICE PROVIDERS WILL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES.
Black Diamond Labs' aggregate liability for all claims relating to these Terms or the Service will not exceed the greater of the fees you paid to Black Diamond Labs for the Service in the 12 months before the event giving rise to liability or $100 USD.
15. Indemnification
You will indemnify and hold harmless Black Diamond Labs Inc., its officers, directors, employees, agents, service providers, successors, and assigns from claims arising from your misuse of the Service, Customer Data, connected systems, agent actions, policy configuration, credentials, violation of law, violation of third-party rights, or breach of these Terms.
16. Termination
You may cancel subscriptions or request account deletion through the dashboard where available or by contacting us. We may suspend or terminate access for material breach, unpaid fees, security risk, suspected abuse, legal requirements, or discontinuation of the Service.
Termination may revoke tokens, stop workspace access, and disable connected integrations. Logs, billing records, backups, and security records may be retained as described in the Privacy Policy or as required for legal, security, or operational purposes. Sections that by nature should survive termination will survive.
17. Governing Law and Dispute Resolution
These Terms are governed by the laws of the State of New York, without regard to conflict-of-law rules. Before filing a claim, the parties will attempt in good faith to resolve disputes informally for 60 days after notice to legal@z-gateway.com.
If unresolved, disputes will be finally resolved by binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules. The arbitration will be conducted by one arbitrator, in English, with the seat of arbitration in New York, New York. Either party may seek emergency injunctive relief in courts located in New York, New York.
CLASS ACTION WAIVER.
To the extent permitted by law, each party may bring claims only in an individual capacity and not as a plaintiff or class member in any class, collective, consolidated, or representative proceeding.
18. General Provisions
- Assignment: You may not assign these Terms without our prior written consent. Black Diamond Labs may assign these Terms in connection with a merger, acquisition, reorganization, or sale of assets.
- Severability: If a provision is unenforceable, the remaining provisions remain in effect.
- Waiver: Failure to enforce a provision is not a waiver.
- Entire agreement: These Terms, the Privacy Policy, and any applicable order forms or addenda are the entire agreement for the Service.
- Notices: Legal notices to Black Diamond Labs must be sent to legal@z-gateway.com unless we provide a different notice address. We may send notices to the email address associated with your account.
- Force majeure: Neither party is liable for delays or failures caused by events beyond reasonable control.
- Independent contractors: The parties are independent contractors, and these Terms do not create a partnership, agency, joint venture, or employment relationship.
- No third-party beneficiaries: These Terms do not create third-party beneficiary rights.
19. Changes to Terms
We may update these Terms from time to time. We will update the date above for non-material changes. For material changes, we will provide reasonable notice by email, dashboard notice, or other appropriate means before the changes take effect, unless faster changes are needed for legal, security, or operational reasons.
20. Contact
Black Diamond Labs Inc.
Legal notices: legal@z-gateway.com
Privacy requests: privacy@z-gateway.com
Security reports: security@z-gateway.com
Website: https://z-gateway.com