Terms and Conditions

Governed usage terms for autonomous workflow operations, plan-scoped AI routing, and plan-dependent retention.

1. Authorized Use

You may run workflows, agents, and tool calls only within workspaces and departments where you hold valid access rights. Tenant boundaries, approval controls, and plan entitlements apply to every execution path.

2. Human Oversight and Policy Controls

High-risk or policy-gated actions can require human review before completion. Sentrul may pause, downgrade, or reject execution when billing policy, safety policy, or tenant-scoped access controls are not satisfied.

3. Plan-Scoped Capacity and Retention

Plan	Managed Tokens	BYOK Mode	Model Access	Audit Retention	Rate Protection
Trial	0	BYOK required, capped at 5M tokens per billing period	Tier 1 local, Tier 2 mid-cost, and Tier 3 premium lanes	No retained audit log window	10 RPM
Starter	3M	Managed tokens first, BYOK fallback	Tier 1 local, Tier 2 mid-cost, and Tier 3 premium lanes	30 days	30 RPM
Essentials	15M	Managed tokens first, BYOK fallback	Tier 1 local, Tier 2 mid-cost, and Tier 3 premium lanes	90 days	60 RPM
Operations	75M	Managed and BYOK paths can run in parallel	Tier 1 local, Tier 2 mid-cost, and Tier 3 premium lanes	365 days	120 RPM
Enterprise	100M	BYOK primary, managed pool supplementary	Tier 1 local, Tier 2 mid-cost, and Tier 3 premium lanes	Permanent / indefinite	300 RPM

4. Managed Token Multipliers

Managed-token consumption is weighted by model lane. Higher-cost lanes consume the managed budget faster than lower-cost lanes.

Lane	Multiplier	Effective Usage
Tier 1 local	1x	1,000 managed budget tokens per 1,000 raw tokens
Tier 2 mid-cost	3x	3,000 managed budget tokens per 1,000 raw tokens
Tier 3 premium	10x	10,000 managed budget tokens per 1,000 raw tokens

Example: 1,000 raw tokens on a premium lane count as 10,000 managed budget tokens.

5. Cost-Aware Routing

Managed-routing paths may automatically downgrade model selection as utilization rises. These controls protect the remaining budget and do not override plan-level BYOK rules.

Below 70%: Preferred plan-allowed lane stays in place and token multipliers apply to managed usage.
70% to 84%: Tier 3 premium requests are downgraded to tier 2 within managed-routing paths.
85% and above: Managed-routing paths force traffic onto the lowest-cost lane to protect the remaining budget.

6. Overage and Exhaustion Behavior

Trial: Hard stop.
Starter: Hard stop.
Essentials: Soft pause / hard stop path if managed budget is exhausted.
Operations: Soft pause / hard stop path if managed budget is exhausted.
Enterprise: Negotiated overage with no automatic hard stop.

7. Enterprise Priority Handling

Enterprise plans include priority command lanes in the current entitlement set, the highest orchestration rate-protection ceiling, BYOK-primary execution, and negotiated overage handling. Additional isolation, support, or compliance commitments are delivered through contract and deployment scope rather than implied by every self-serve workspace.

8. Compliance and Data Handling

Sentrul exposes audit-ready controls, tenant isolation, encryption, and plan-based retention. Public materials should treat SOC 2 and HIPAA references as readiness or contract features, not blanket certification claims. HIPAA BAA support is available on higher tiers and depends on the agreed deployment model.

9. Billing Details

Pricing cadence: plans bill monthly on the subscription anchor date. Annual commitments are available on request and override the monthly cadence.
Proration: mid-cycle plan changes are prorated by Stripe. Upgrades take effect immediately; downgrades take effect at the next renewal unless explicitly agreed otherwise.
Invoices: issued by Stripe and emailed to the billing contact on record. Historical invoices are available in Settings → Billing.
Taxes: all fees are exclusive of applicable sales, use, VAT, or GST unless stated otherwise on the invoice.
Refunds: Sentrul does not provide pro-rata refunds for partial billing periods. Refunds of exceptional billing errors are reviewed on a case-by-case basis.
Token packs: one-time purchases are non-refundable once the credit ledger records delivery. Unused pack tokens expire per the ledger policy shown at checkout.

10. Grace Period and Exhaustion

When a trial ends, a payment fails, or managed tokens are exhausted, the workspace enters a time-limited grace period. During this window the platform continues to serve read-only access and human-in-the-loop (HITL) workflows only.

Trial expiry: at the end of the trial, autonomous execution is suspended. Read-only access and exports remain available for at least 14 days.
Failed payment: Stripe attempts up to four retries over roughly three weeks. During this window the workspace is degraded to HITL-only execution.
Token exhaustion: once the managed budget is spent, managed-routing paths stop. BYOK paths remain available where the plan permits.
Reactivation: once the billing issue is resolved or a token pack is purchased, full execution resumes automatically on the next workspace request.

11. Business-Outcome Disclaimer

Sentrul provides a platform for orchestrating AI-driven workflows. Sentrul does not control, guarantee, or warrant any business outcome produced through the platform — including financial, legal, medical, employment, safety, or operational results. Customers are solely responsible for how agent output is used, for the decisions taken in response, and for any downstream consequences. Customers must put their own review, validation, and compensating controls in place for any workflow that can affect people, money, or regulated activity.

12. Autonomy Mode and Elevated Risk

Sentrul supports three autonomy modes. Each mode carries a different level of risk, and the customer is responsible for choosing the mode that matches the workflow, the domain, and the tolerance for unsupervised action.

HITL (Human-In-The-Loop): the system pauses before any action the customer has marked as approvable. A human operator must review and approve each step. Lowest risk; slowest.
HOTL (Human-On-The-Loop): the system runs autonomously for low-risk steps and pauses for human review only on high-risk steps defined by policy. Moderate risk; balances throughput with oversight.
HOOTL (Human-Out-Of-The-Loop): the system runs without approval interrupts. This is an elevated-risk mode. The customer accepts that actions may occur without prior human review, and commits to running compensating controls outside the platform (logging, monitoring, downstream guardrails, incident response). Sentrul records an explicit acknowledgement when a tenant enables HOOTL.

Certain domains remain HITL-only regardless of the selected mode — see Acceptable Use below.

13. Acceptable Use and Always-HITL Domains

The following categories of action remain HITL-only at the platform level, regardless of the tenant's autonomy mode selection. Attempts to route these actions through HOTL or HOOTL execution will be paused for human review.

Legal filings, court submissions, and regulator correspondence.
Medical, clinical, or therapeutic advice directed to identifiable individuals.
Payment transfers or refunds above the tenant-configured approval threshold.
Deletion of customer-visible data, user accounts, or production records.
Communications sent to external parties on behalf of the customer where the customer has not configured an explicit allowlist.

Customers may not use the platform to generate content that violates applicable law, infringes third-party rights, targets individuals for harm, or attempts to circumvent the platform's safety, billing, or tenant-isolation controls.