Graphode wordmark
Join waitlist

Graphode - Website Legal Documents, English Version

Operator: Tixono s.r.o.

Company ID: 17152097

Registered office: Příčná 1892/4, Nové Město, 110 00 Prague, Czech Republic

Commercial Register: Municipal Court in Prague, file no. C 367051

Data box ID: fiu9h56

Date of incorporation and registration: 17 May 2022

Legal form: limited liability company

General contact: info@graphode.com

Support: support@graphode.com

Billing: billing@graphode.com

Effective date: 5 May 2026

This document is prepared as website copy for Graphode. Before publication, verify any applicable VAT ID, the actual cookie setup, subprocessors, hosting, billing provider, AI providers, effective date and, ideally, have the text reviewed by legal counsel.

---

1. Graphode Terms of Service

1. Introduction

These Terms of Service govern the use of the Graphode online service, contracts, user accounts, subscriptions, credits, availability, support, rights and obligations of users and the operator.

Graphode is operated by Tixono s.r.o., Company ID 17152097, with registered office at Příčná 1892/4, Nové Město, 110 00 Prague, Czech Republic, registered in the Commercial Register maintained by the Municipal Court in Prague, file no. C 367051, referred to as the “Operator”, “Tixono”, “we”, “us” or “our”.

A user is any person who visits the Graphode website, creates an account, uses the service, orders a subscription, purchases credits or acts on behalf of an organization. A user may be an individual, entrepreneur or legal entity.

By using the service, creating an account, ordering a paid plan, accepting an invitation to an organization or otherwise accepting these Terms, the user agrees to these Terms.

2. Contact details

You may contact us at:

  • general inquiries: info@graphode.com,
  • user and technical support: support@graphode.com,
  • billing, payments, tax documents, subscriptions and credits: billing@graphode.com,
  • data box ID: fiu9h56.

For personal data requests, use support@graphode.com with the subject “GDPR” or “Privacy”.

3. Definitions

“Graphode” means the cloud software service, web interface, APIs, related modules, documentation, AI features, integrations, file storage, workflows, Graphotree, workspaces and other features available under the Graphode brand.

“Account” means a user account created in Graphode.

“Organization” means a work or company space where multiple users may manage shared projects, workflows, files, billing, permissions and data.

“Workspace” means a logically separated environment for projects, workflows, files, tasks, AI runs, integrations and related content.

“Customer Content” means data, files, text, prompts, configurations, workflows, nodes, tasks, outputs, metadata, documents, integrations and other information submitted or created by a user in the service.

“AI Features” means features based on artificial intelligence, machine learning or calls to external or internal AI models, including generation, analysis, transformation, summarization, classification, suggestions and automations.

“Credits” means prepaid or allocated units for using selected features, especially compute, AI, integration or otherwise metered operations.

“Beta” means a private, test, pre-production or early public phase of the service that may be unstable, incomplete or changed over time.

“Early access” means a private preview, waitlist, pilot or other limited-access phase of Graphode before regular public paid access is made available.

4. Service description

Graphode is an online platform for creating, managing, connecting and running digital workflows, graph structures, tasks, files, integrations and AI features. The service may include, in particular:

  • account, organization, role and access management,
  • workspaces, projects, Graphotree and workflows,
  • task, automation and process management and execution,
  • file storage and artifact management,
  • AI features and AI runs,
  • integrations with third-party services,
  • notifications, emails and system messages,
  • billing, subscriptions, plans, credits and usage,
  • audit, operational and security logs.

The scope of the service may vary depending on the plan, product phase, availability of modules, organization settings and technical limitations.

5. Registration, account and organization

Full use of the service usually requires creating an account. The user must provide true and current information and protect login credentials from misuse.

The user is responsible for all activity under their account unless they prove that the activity occurred without their fault and despite reasonable account protection.

If a user uses the service on behalf of a legal entity, organization or another person, the user confirms that they have authority to bind that entity or person. In that case, “user” or “customer” also refers to that entity or person.

An organization administrator is responsible for members, roles, permissions, billing, integrations and internal rules for the organization.

6. Beta, pilot operation and early access

Graphode may be available in beta, pilot operation, private preview, waitlist or another limited early access phase. These phases are intended for testing, product validation and feedback.

During beta, pilot operation and early access, the service is provided without guaranteed availability, without guaranteed SLA and without any guarantee that a specific feature set will be maintained. The service may be changed, interrupted, expanded, limited or temporarily unavailable.

Users should not store the only copy of critical data in beta. We recommend maintaining independent backups of important data, files, configurations and outputs.

Public paid access is not active yet. Planned paid plans, credits and billing options are being prepared and will apply only after they are clearly published or individually agreed. No current website communication creates a right to permanent pricing, permanent free use, a lifetime license or a specific service level.

7. Plans, prices, payments and billing

Graphode may be provided free of charge, as a trial, in paid plans, as a subscription, with a credit system or as a combination of these models. Public paid access is not active yet; planned paid plans are being prepared.

When paid access becomes available, current prices, plan scope, limits, credits and billing periods will be stated on the website, in the application, in the order, in the billing interface or in an individual offer.

Unless stated otherwise, prices are stated exclusive of VAT and other taxes. Tax documents are issued under applicable laws.

Billing transactions may be processed by a third-party billing provider. The Operator usually does not store full card numbers. Billing details are processed by the billing provider under its own terms and privacy policy.

Billing inquiries should be sent to billing@graphode.com.

8. Subscriptions, renewal and cancellation

Subscriptions renew according to the selected billing period unless cancelled before the end of the current period or unless otherwise stated.

The user may cancel a subscription using the process in the application or by contacting billing@graphode.com. Cancellation of a subscription usually does not create a right to a pro-rata refund for the current billing period unless required by law, the specific offer or these Terms.

If payment fails, the service may be temporarily limited, suspended or terminated after notice. The Operator may allow a reasonable additional payment period.

9. Credits and usage

Selected Graphode features may consume credits. This may include AI runs, automations, compute operations, integrations, file storage or file processing.

Credits have no monetary value, are not electronic money, cannot be exchanged for cash and are intended only for use within Graphode.

Free, bonus, promotional or test credits may have limited validity, may be limited to specific features and may be removed in case of misuse or termination of the program.

Paid credits, their expiry, transferability and possible refunds are governed by the specific offer. Unless stated otherwise, credits are linked to the account or organization to which they were allocated.

10. Customer Content and content rights

The user retains rights to Customer Content. The Operator does not acquire ownership of Customer Content.

The user grants the Operator a non-exclusive, worldwide, time-limited license to process Customer Content to the extent necessary to provide, secure, maintain, support, improve and develop the service, resolve incidents, comply with legal obligations and protect the rights of the Operator, users and third parties.

The user is responsible for having the rights and permissions to the content they submit to the service and for ensuring that their content does not violate laws, third-party rights or these Terms.

The Operator may remove or restrict content if it is clearly illegal, violates these Terms, threatens the security or operation of the service, or if removal is required for legal, security or operational reasons.

11. AI Features and AI outputs

AI Features may generate inaccurate, incomplete, misleading, repetitive or inappropriate outputs. AI outputs are not professional advice, legal, tax, financial, medical or other expert recommendations.

The user is responsible for reviewing, assessing and using AI outputs. The user must not use AI outputs in a way that violates laws, third-party rights, security rules, ethical rules or the terms of AI model providers.

To the extent permitted by law, the user may use AI outputs created for them within the service. The user acknowledges that AI systems may create similar or identical outputs for other users and that the Operator does not guarantee uniqueness, originality, accuracy or legal clearance of AI outputs.

Do not submit sensitive personal data, special categories of personal data, trade secrets, access credentials, passwords, API keys, payment data, health information, children’s data or other highly sensitive data to AI Features unless expressly permitted and contractually covered.

The Operator does not knowingly use Customer Content to train public foundation AI models unless expressly agreed with the customer. Processing by third-party AI providers is governed by their terms and settings, which will be listed in the subprocessor list if used.

12. Integrations and third parties

Graphode may allow connections to external services, APIs, repositories, storage systems, models, communication tools, payment services or other third-party applications.

By using an integration, the user authorizes Graphode to transmit, retrieve, store or process data to the extent necessary for that integration. The user is responsible for having authority to connect the external account and transfer data to Graphode.

Third-party services are governed by their own terms. The Operator is not responsible for their availability, changes, errors, prices, data processing or decisions to discontinue an integration, except for liability that cannot be excluded by law.

13. Service availability, SLA and maintenance

The Operator strives to run the service reliably, but availability varies by product phase and plan.

No SLA, guaranteed availability or service credits are provided for pilot operation, beta operation or early access.

During the first 3 months after public launch following the end of beta, the service is provided without guaranteed SLA unless a specific paid plan or individual agreement states otherwise.

After 3 months from public launch, paid non-beta plans are planned to have a target monthly availability of 99.0 % unless a specific plan or agreement states otherwise. This is a target availability level, not an automatic financial guarantee unless service credits are expressly agreed in a separate SLA.

Downtime does not include planned maintenance, emergency security maintenance, downtime caused by the user, misconfiguration, internet failures, third-party service issues, force majeure, beta features, experimental features or limitations resulting from legal or security reasons.

The Operator may perform planned maintenance. Where reasonably possible, planned maintenance will be announced in advance in the application, by email or on a status page if available.

14. Support

Support is provided primarily by email at support@graphode.com. A ticketing system may be added directly to Graphode in the future.

The standard target initial response time is within 48 business hours. This is an initial response target, not a guarantee that the request will be resolved within that time.

Support is normally provided on business days, excluding public holidays in the Czech Republic, unless stated otherwise. Higher support levels may be included in selected paid plans or individual agreements.

15. Acceptable use

The user must not use the service for illegal, harmful, fraudulent, harassing, discriminatory, violent, pornographic, extremist, invasive or otherwise inappropriate purposes.

In particular, the user must not:

  • disrupt the security, integrity or availability of the service,
  • bypass limits, authentication, authorization or payment mechanisms,
  • reverse engineer, scrape, crawl or run automated load outside permitted APIs and limits,
  • submit malware, harmful code, phishing content or attack data,
  • process personal data or third-party data without authorization,
  • store or process content without appropriate rights,
  • use the service to create or distribute harmful AI content,
  • test vulnerabilities without prior written consent,
  • resell, rent or provide the service to third parties outside authorized organization users.

If these rules are violated, the Operator may restrict, suspend or terminate access to the service, remove problematic content, reject requests or take other reasonable steps.

16. Intellectual property

Graphode, its software, brand, design, graphics, user interface, documentation, database structures, APIs, know-how and other service elements are protected by intellectual property rights of the Operator or its suppliers.

The user receives only a limited, non-exclusive, non-transferable and revocable right to use the service in accordance with these Terms, the applicable plan and documentation.

Feedback, suggestions or product comments may be used by the Operator without restriction and without compensation unless otherwise agreed in writing.

17. Confidentiality and security

The Operator takes reasonable technical and organizational measures to protect the service and Customer Content. No system is absolutely secure.

The user is responsible for the security of access credentials, permission management in the organization, secure integration configuration, protection of API keys and control of content submitted to the service.

The Operator may access Customer Content only to the extent necessary for operation, support, security, incident handling, legal compliance or at the user’s request.

18. Defects and complaints

Rights arising from defective performance, complaints and complaint handling are governed by the Graphode Complaint Policy, which forms part of these Terms.

Users may submit complaints to support@graphode.com with the subject “Complaint”.

19. Liability

The service is provided within the scope available under the selected plan and product phase. The Operator does not warrant that the service will be suitable for every specific user purpose, error-free, uninterrupted, or that AI outputs will be accurate, complete, legally usable or unique.

The Operator is not liable for damages caused in particular by:

  • improper use of the service,
  • insufficient review of AI outputs,
  • content submitted by the user,
  • external integrations and third-party services,
  • internet or infrastructure outages outside the Operator’s control,
  • force majeure,
  • the user’s breach of these Terms.

For business users, the Operator’s total liability for damages is limited to the amount paid by the relevant customer for the service in the 3 months preceding the damage event, up to CZK 10,000, unless the law requires otherwise.

This limitation does not apply to harm caused intentionally or by gross negligence, harm to natural human rights, liability that cannot be legally limited and consumer rights that cannot be excluded by law.

20. Suspension and account termination

The user may stop using the service and request account deletion. Account deletion may affect access to organizations, data, billing, credits and history.

The Operator may suspend or terminate an account or organization if the user breaches these Terms, fails to pay due amounts, threatens service security, infringes third-party rights, submits illegal content or if required by law.

After account termination, the Operator may retain data for a reasonable period for recovery, legal obligations, billing, security, dispute resolution and backups. Details are provided in the Privacy Policy.

21. Service and Terms changes

Graphode is developed continuously. The Operator may change features, interfaces, limits, integrations, prices, plans and these Terms.

Material changes to these Terms or paid plan prices will be announced reasonably in advance, usually by email, in the application or by publication on the website. If the user does not agree with a change, the user may stop using the service or cancel the subscription before the change becomes effective.

Changes required for legal, security, technical or operational reasons may take effect earlier.

22. Consumers and alternative dispute resolution

If the user is a consumer, the user has rights under consumer protection laws. These Terms do not affect rights that a consumer cannot validly waive.

A consumer may submit a proposal for alternative dispute resolution to the Czech Trade Inspection Authority, website: https://www.coi.cz/.

23. Governing law and jurisdiction

These Terms are governed by the laws of the Czech Republic, excluding conflict-of-law rules. If the user is a consumer resident in another EU state, this does not affect the mandatory rights under the law of the user’s habitual residence.

Disputes with business users will be resolved by the competent courts of the Czech Republic unless mandatory law provides otherwise.

24. Final provisions

If any provision of these Terms is invalid or ineffective, the remaining provisions remain valid. The parties will replace the invalid provision with a valid one that is as close as possible in economic and legal meaning.

These Terms are effective from the date stated above.

---

2. Graphode Complaint Policy

1. Scope

This Complaint Policy governs users’ rights arising from defective performance when using Graphode, the complaint submission process and complaint handling.

The Complaint Policy applies to the Graphode digital service, paid plans, credits and related digital features provided by Tixono s.r.o.

2. When a complaint may be submitted

A complaint may be submitted in particular if the service does not correspond to the ordered plan, is not provided in the agreed scope, a material feature repeatedly fails, billing is incorrect, credits are incorrectly deducted, or the service has another defect under applicable law.

A defect usually does not include unavailability or limitation caused by the user, the user’s device, internet connection, integration settings, a third-party service, force majeure, planned maintenance, beta features or use contrary to documentation and the Terms of Service.

AI outputs may be inaccurate or incomplete. A factual error in an AI output alone is not considered a service defect if the service technically performed the requested operation and no express guarantee of the accuracy of a specific output was agreed.

3. How to submit a complaint

Send complaints by email to support@graphode.com with the subject “Complaint”. For payment and billing complaints, you may use billing@graphode.com.

A complaint should include:

  • name and surname or organization name,
  • account email,
  • order, invoice, plan or payment identification if the complaint concerns payment,
  • workspace, project, workflow, file, AI run or another service area if relevant,
  • description of the defect,
  • when the defect occurred,
  • screenshots, logs, error IDs or other evidence if available,
  • requested remedy.

If the complaint does not contain sufficient information, the Operator may ask the user to provide additional details.

4. Confirmation and handling period

The Operator will confirm receipt of the complaint without undue delay, usually by email.

Consumer complaints will be handled no later than 30 days from submission unless the Operator and the consumer agree on a longer period.

Business complaints will be handled within a reasonable time depending on the complexity of the case, usually with a target of 30 days.

5. Complaint remedies

Depending on the nature of the defect, a complaint may be resolved by:

  • repair or restoration of the feature,
  • provision of the missing service,
  • explanation or configuration guidance,
  • billing correction,
  • return of incorrectly deducted credits,
  • reasonable discount,
  • refund to the extent required by law or the specific offer,
  • termination of the contract if statutory conditions are met.

Refunds are made using the same payment method used for the original payment unless the parties agree otherwise or this is technically impossible.

6. Rejection of a complaint

The Operator may reject a complaint if it is proven that the defect does not exist, was caused by the user, resulted from a third-party service, relates to a beta or experimental feature without guarantee, was caused by breach of the Terms, or the user fails to provide necessary cooperation.

The user will be informed of the rejection and the reason.

7. Complaint costs

Submitting a complaint is free of charge. The user bears their own costs of preparing the complaint unless applicable law provides otherwise.

8. Consumer rights

This Complaint Policy does not affect statutory consumer rights. A consumer may also contact the Czech Trade Inspection Authority as an alternative dispute resolution body.

---

3. Withdrawal Information and Model Withdrawal Form

1. Consumer right of withdrawal

If you conclude a contract as a consumer by distance means, you generally have the right to withdraw from the contract within 14 days from its conclusion without giving any reason.

To withdraw, it is sufficient to send a clear withdrawal statement within the 14-day period to support@graphode.com or another contact specified by the Operator.

2. Digital service and immediate access

Graphode is a digital service. If, during the order process, you expressly request that the Operator starts providing the service before the 14-day withdrawal period expires and you acknowledge the related consequences, your right of withdrawal may be limited under applicable law.

If we start providing the service at your request before the period expires and you later withdraw, you may be charged a proportionate part of the price for performance provided up to the withdrawal moment. If digital content or the digital service is fully provided under conditions set by law, the right of withdrawal may expire.

For consumed credits, AI runs, compute operations or other immediately provided digital performance, the refunded amount may be proportionately reduced if permitted by law and the user agreed to immediate performance.

Recommended checkbox text during order: “I request immediate access to the Graphode service before the 14-day withdrawal period expires and acknowledge that my withdrawal right may be limited under applicable law.”

3. Business users

If you conclude the contract as an entrepreneur or on behalf of a legal entity, the statutory consumer withdrawal right does not apply unless the specific offer states otherwise.

4. Consequences of withdrawal

If you validly and timely withdraw, we will refund payments received from you without undue delay and no later than 14 days from receipt of the withdrawal, reduced by any proportionate amount for performance already provided if permitted by law.

Refunds will be made using the same payment method used for the original payment unless we agree otherwise.

Withdrawal may terminate access to paid features, plans, credits or content associated with the order. Some data may be retained for the time necessary to comply with legal obligations, resolve disputes, maintain security, perform audits and process backups.

5. Model withdrawal form

Addressee: Tixono s.r.o., Příčná 1892/4, Nové Město, 110 00 Prague, Czech Republic, email: support@graphode.com, data box ID: fiu9h56

I hereby withdraw from the contract for the provision of the Graphode service.

Order date: ____________________

Order or invoice number: ____________________

Account email: ____________________

Consumer name and surname: ____________________

Consumer address: ____________________

Bank account for refund, if refund cannot be made by the original payment method: ____________________

Date: ____________________

Consumer signature if this form is sent on paper: ____________________

---

4. Privacy Policy and GDPR Information

1. Controller

The controller of personal data is Tixono s.r.o., Company ID 17152097, with registered office at Příčná 1892/4, Nové Město, 110 00 Prague, Czech Republic, email: support@graphode.com, data box ID: fiu9h56.

This Policy explains how we process personal data when operating the Graphode website, Graphode application, user accounts, support, billing, marketing, AI features, integrations and related services.

No Data Protection Officer has been appointed unless the website states otherwise.

2. Controller and processor roles

For user, account, billing, support, security and marketing data, Tixono s.r.o. usually acts as the controller of personal data.

For personal data that a customer submits into workspaces, files, workflows, prompts, integrations, automations or AI runs, Tixono s.r.o. may act as a processor on behalf of the customer. In that case, the customer is the controller and Tixono processes the data under the customer’s instructions, these Terms and any Data Processing Agreement.

3. Categories of personal data

We may process in particular:

  • identification data: name, surname, company name, company ID, VAT ID, billing details,
  • contact data: email, phone, address, support contacts,
  • account data: login identifiers, password hash, roles, permissions, organization memberships, invitations,
  • service usage data: actions in the application, workspaces, projects, workflows, tasks, settings, integrations,
  • Customer Content: files, text, prompts, outputs, configurations, metadata and other data submitted by users,
  • AI data: inputs, outputs, models, parameters, usage units, run time and AI operation metadata,
  • billing and payment data: orders, plan, credits, usage, invoices, payment status, payment provider identifiers,
  • technical data: IP address, device identifiers, browser, operating system, cookies, logs, error messages,
  • security and audit data: login times, permission changes, login attempts, system events, incidents,
  • communication data: emails, support requests, feedback, survey responses,
  • marketing data: preferences, consents, opt-outs, interactions with marketing communication.

4. Purposes and legal bases

We process personal data for the following purposes:

| Purpose | Typical legal basis |

|---|---|

| account creation and management | performance of contract |

| provision of Graphode | performance of contract |

| organizations, workspaces, roles and permissions | performance of contract, legitimate interest |

| AI features, workflows, files and integrations | performance of contract, or processing on behalf of customer |

| billing, taxes and accounting | performance of contract, legal obligation |

| customer support | performance of contract, legitimate interest |

| security, misuse prevention and audit | legitimate interest, legal obligation |

| service improvement and diagnostics | legitimate interest |

| marketing to users | consent or legitimate interest depending on communication type |

| cookies and analytics | consent, unless strictly necessary cookies are used |

| dispute resolution and legal claims | legitimate interest, legal obligation |

5. Customer Content and sensitive data

The user is responsible for the data submitted to the service. Do not submit special categories of personal data, health data, biometric data, children’s data, payment card data, passwords, API keys, secret credentials or other highly sensitive data into Graphode unless expressly permitted and contractually covered.

If a customer processes third-party personal data in Graphode, the customer is responsible for having a lawful basis, providing required notices to data subjects and ensuring that use of Graphode complies with the customer’s controller obligations.

6. AI processing

AI Features may involve processing prompts, input data, files, instructions, outputs, metadata, usage units and technical parameters. This data may be shared with external AI model providers if the relevant feature uses them.

The Operator does not knowingly use Customer Content to train public foundation AI models without express agreement with the customer. The settings and terms of external AI providers will be described in the subprocessor list if used.

AI outputs are not automated decision-making with legal or similarly significant effects by the Operator. The user is responsible for reviewing and using AI outputs.

7. Recipients and subprocessors

Personal data may be disclosed to the following categories of recipients:

  • hosting and cloud infrastructure providers,
  • database, storage, monitoring, logging and security providers,
  • payment gateways and billing systems,
  • email and communication services,
  • AI model and compute providers,
  • analytics and cookie providers if used,
  • legal, accounting and tax advisors,
  • public authorities if required by law.

The current subprocessor list should be published on the website in a separate “Subprocessors” section or provided upon request.

Recommended minimum subprocessor table:

| Subprocessor | Purpose | Location | Transfer outside EEA | Note |

|---|---|---|---|---|

| Hosting and infrastructure provider | hosting and infrastructure | to be completed after provider confirmation | to be completed after region confirmation | production data |

| Stripe or another payment provider | payments, subscriptions, billing | according to the selected payment provider | according to the selected payment provider | if active |

| Email provider | transactional emails and support | to be completed after provider confirmation | to be completed after region confirmation | e.g. verification emails |

| AI providers | AI features | to be completed according to used models | to be completed according to used models | depending on used models |

| Analytics tools | website analytics | to be completed according to deployed tools | to be completed according to deployed tools | consent-based unless strictly necessary |

8. Transfers outside the EEA

If personal data is transferred outside the European Economic Area, we use appropriate safeguards under the GDPR, such as adequacy decisions, standard contractual clauses, supplementary technical measures or other legal mechanisms.

9. Retention

We retain personal data only for as long as necessary for the relevant purpose:

  • account data: for the duration of the account and a reasonable period after deletion,
  • Customer Content: for the duration of service use and then until deletion or expiry of backup periods,
  • backups: usually up to 90 days unless technically or legally required longer,
  • billing and accounting data: for the period required by law, typically up to 10 years,
  • support communication: usually 3 years from request resolution unless longer retention is necessary,
  • security and operational logs: usually 12 to 24 months, longer in case of an incident or legal claim,
  • marketing consents: until withdrawal of consent or expiry of the purpose.

Specific periods may vary depending on the plan, legal obligations, security needs and technical architecture.

10. Data subject rights

Under the GDPR, you may have the right to:

  • access personal data,
  • rectify inaccurate data,
  • erasure,
  • restriction of processing,
  • data portability,
  • object to processing based on legitimate interest,
  • withdraw consent,
  • lodge a complaint with a supervisory authority.

Send requests to support@graphode.com with the subject “GDPR”. For security reasons, we may request identity verification.

The supervisory authority in the Czech Republic is the Office for Personal Data Protection, website: https://www.uoou.cz/.

If the request concerns data processed in a customer workspace, we may refer you to the relevant customer as data controller.

11. Security

We use reasonable technical and organizational measures, which may include access control, authentication, environment separation, encryption in transit, logging, monitoring, backups, audit records, employee access limitations and security procedures.

Users must protect their accounts, not share passwords, correctly configure roles, protect API keys and use integrations securely.

12. Children

Graphode is not intended for children. The user must have legal capacity to enter into a contract or act on behalf of an organization. If we discover that we process a child’s data without an appropriate legal basis, we will take reasonable steps to delete it.

13. Changes to this Policy

We may update this Policy. Material changes will be announced in a reasonable manner, for example by email, in the application or by publication on the website.

---

5. Data Processing Agreement, DPA

This section applies if Tixono s.r.o. processes personal data on behalf of a customer as a processor under Article 28 GDPR.

1. Subject matter and duration

The subject matter of processing is the provision of Graphode to the customer, including workspaces, workflows, AI features, files, integrations, tasks, support, security and related services.

The processing lasts for the duration of the customer’s use of the service and further for the period necessary for deletion, export, backups, legal obligations and claims handling.

2. Nature and purpose of processing

Processing includes storage, transmission, reading, organization, disclosure, modification, deletion, backup, logging, analysis, output generation and other operations necessary to provide the service.

The purpose is to provide Graphode to the customer and enable the customer to process Customer Content under the customer’s instructions.

3. Categories of data and data subjects

Categories of personal data depend on what the customer submits to Graphode. They may include identification, contact, work, technical, content, communication and other data.

Data subjects may include the customer’s users, employees, contractors, clients, suppliers, contacts and other persons whose data the customer processes.

4. Customer instructions

Tixono processes personal data only on documented customer instructions unless processing is required by EU or Member State law. Instructions include these Terms, service settings, documentation, configurations, customer requests and the concluded order.

5. Processor obligations

Tixono undertakes to:

  • process personal data only on customer instructions,
  • ensure confidentiality of persons with access to the data,
  • implement reasonable technical and organizational measures,
  • use subprocessors only under these Terms,
  • assist the customer with GDPR obligations within reasonable scope,
  • assist with data subject requests where possible,
  • notify the customer of a personal data breach without undue delay after becoming aware of it,
  • delete or return data after service termination according to service settings and legal obligations,
  • provide information reasonably necessary to demonstrate compliance with Article 28 GDPR.

6. Subprocessors

The customer agrees to the engagement of subprocessors necessary to operate the service. The current subprocessor list will be published on the website or provided upon request.

Tixono will ensure that subprocessors are bound by data protection obligations required by the GDPR.

If the customer disagrees with a new subprocessor, the customer may raise a reasoned objection. If the objection cannot be resolved, the customer may terminate the affected part of the service under the agreement.

7. Security measures

Security measures may include:

  • access and permission management,
  • authentication and role management,
  • encryption in transit,
  • separation of customer environments,
  • logging and audit records,
  • backups and recovery,
  • availability and error monitoring,
  • limitation of internal access,
  • incident procedures,
  • regular updates and technical maintenance.

8. Audits

The customer may request information necessary to verify processing compliance. Tixono may provide security documentation, questionnaires, certifications, reports or other reasonable evidence.

A physical audit is possible only by prior agreement, within reasonable scope, under conditions protecting security, confidentiality and other customers, and may be charged based on costs.

---

6. Cookie Policy

1. What cookies are

Cookies are small files or similar technologies stored on the user’s device. They help ensure website operation, login, security, preferences, analytics and, if applicable, marketing.

2. What cookies we use

Graphode may use these cookie categories:

| Category | Purpose | Consent |

|---|---|---|

| Strictly necessary cookies | login, security, session, abuse prevention, cookie preference storage | not required |

| Preference cookies | language, interface, user settings | depending on specific setup |

| Analytics cookies | traffic measurement and website improvement | usually required |

| Marketing cookies | campaigns, remarketing, ad personalization | required |

Before publication, add the actual cookie list, providers, purposes and storage periods.

3. Cookie management

The user may change cookie settings in the cookie banner if available or in the browser. Blocking strictly necessary cookies may prevent the website or application from functioning properly.

4. Third parties

If we use third-party analytics or marketing tools, those providers may process data under their own policies. These tools will be activated only according to applicable legal requirements, especially based on consent where required.

---

7. Acceptable Use Policy, AUP

The user must not use Graphode in a way that is illegal, harmful or disrupts the service, other users or third parties.

Prohibited use includes in particular:

  • illegal content and activity,
  • malware, phishing, spam and infrastructure abuse,
  • unauthorized security testing,
  • attempts to access third-party data,
  • infringement of intellectual property rights,
  • mass harassment, discrimination or threats,
  • processing highly sensitive data without a legal basis and appropriate safeguards,
  • bypassing limits, plans, authorization or usage measurement,
  • generation of harmful AI content,
  • using the service for decisions with legal or similarly significant effects without human review and an appropriate legal basis.

If the AUP is violated, the Operator may restrict or terminate access, remove content, notify the organization administrator, preserve evidence, contact public authorities or take other reasonable steps.

---

8. Service Availability and Support, standalone SLA page

1. Service phases

| Phase | Availability | SLA | Note |

|---|---:|---|---|

| Private preview / pilot | no guarantee | no | limited early access |

| Closed beta / open beta | no guarantee | no | features may change |

| first 3 months after public launch | no guaranteed SLA | no, unless plan states otherwise | stabilization period |

| paid non-beta plans after stabilization | target 99.0 % monthly | planned | unless plan or agreement states otherwise |

2. Exclusions

Availability excludes planned maintenance, security interventions, third-party outages, force majeure, user errors, incorrect integrations, internet problems, beta features, experimental features and restrictions caused by legal or security obligations.

3. Support

Primary support channel: support@graphode.com.

Billing: billing@graphode.com.

Standard support target initial response: within 48 business hours.

The target initial response is not a guaranteed resolution time.

4. Service credits

Service credits or financial compensation are not provided unless expressly agreed in a specific paid plan or individual SLA.

---

9. Contact, operator identification and legal information

Operator: Tixono s.r.o.

Company ID: 17152097

Registered office: Příčná 1892/4, Nové Město, 110 00 Prague, Czech Republic

Commercial Register: Municipal Court in Prague, file no. C 367051

Data box ID: fiu9h56

Date of incorporation and registration: 17 May 2022

Legal form: limited liability company

Managing director: Michael Flendr, the managing director represents the company independently

Email: info@graphode.com

Support: support@graphode.com

Billing: billing@graphode.com

Consumer alternative dispute resolution body: Czech Trade Inspection Authority, https://www.coi.cz/.

---

10. Recommended additional website pages

In addition to the main documents, I recommend publishing these standalone pages:

1. Terms of Service.

2. Complaint Policy.

3. Withdrawal Information and Withdrawal Form.

4. Privacy Policy and GDPR Information.

5. Data Processing Agreement, DPA.

6. Cookie Policy.

7. Subprocessors.

8. Acceptable Use Policy, AUP.

9. Service Availability and Support, SLA/status.

10. Security page.

11. Contact and operator identification.

12. Pricing and billing FAQ, especially if credits and subscriptions are used.

Download source markdown