AnansiTraps AnansiTraps
Join Waitlist

Terms and Conditions

Effective Date: March 26, 2026

Last Revised: March 26, 2026

1. Introduction and Acceptance

These Terms and Conditions ("Terms") constitute a legally binding agreement between AnansiTraps Ltd. ("AnansiTraps," "we," "us," or "our"), a company incorporated in Nairobi, Kenya, and the entity or individual ("Client," "you," or "your") accessing or using the AnansiTraps cyber deception platform, associated services, APIs, documentation, and any managed security offerings (collectively, the "Platform" or "Services").

By accessing the Platform, executing an Order Form, commencing a free trial, or otherwise using any AnansiTraps Service, you confirm that you have read, understood, and agree to be bound by these Terms. If you are entering into these Terms on behalf of an organization, you represent and warrant that you have the authority to bind that organization.

If you do not agree to these Terms, you must not access or use the Platform.

These Terms apply to all Client types including enterprise organizations, government and public sector entities, financial institutions, banks, and Managed Security Service Providers (MSSPs) and authorized resellers.

2. Definitions

For the purposes of these Terms, the following definitions apply:

  • "Authorized Users" means employees, contractors, or agents of the Client who are authorized by the Client to access and use the Platform under the Client's account.
  • "Deception Assets" means honeypots, decoys, lures, breadcrumbs, fake credentials, and other deceptive infrastructure elements deployed by the Platform within the Client's environment.
  • "Client Data" means all data, content, and information submitted to or generated within the Platform by the Client or its Authorized Users, excluding Threat Intelligence Data.
  • "Threat Intelligence Data" means attacker behavioral data, tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and related telemetry captured by Deception Assets during adversary engagement.
  • "Order Form" means a written or electronic order document executed between AnansiTraps and the Client specifying the Services, subscription tier, term, and pricing.
  • "Subscription Term" means the period during which the Client is licensed to use the Platform as specified in the applicable Order Form.
  • "Managed Security Service" means AnansiTraps-operated monitoring, deployment, tuning, and incident response services provided to the Client as an add-on or standalone offering.
  • "Free Trial" means a time-limited, no-charge access period granted at AnansiTraps' discretion for evaluation purposes.
  • "Confidential Information" means any non-public information disclosed by one party to the other that is designated as confidential or that reasonably should be understood to be confidential given its nature.
  • "Documentation" means technical guides, user manuals, API references, and deployment materials provided by AnansiTraps in connection with the Platform.
  • "Reseller" means an entity authorized by AnansiTraps to market, sell, or distribute the Platform to end clients.

3. The Platform and Services

3.1 Platform Description

AnansiTraps provides an active cyber deception platform that deploys realistic Deception Assets across the Client's on-premise, cloud, and hybrid infrastructure environments. The Platform is designed to detect unauthorized access, lateral movement, credential theft, and other adversarial behaviors by engaging attackers with high-fidelity decoys indistinguishable from legitimate assets.

3.2 Service Tiers

AnansiTraps offers the following service models, as specified in the applicable Order Form:

a) SaaS Subscription
Cloud-delivered Platform access on a monthly or annual subscription basis. Includes platform management console, deception asset deployment, threat telemetry, alerting, and integrations with third-party tools including CrowdStrike, Slack, Splunk, Microsoft Sentinel, AWS Security Hub, and Google Security Command Center.

b) Managed Security Service
AnansiTraps security engineers actively monitor, operate, tune, and respond to deception events on the Client's behalf. Service level commitments are defined in a separate Service Level Agreement (SLA) document incorporated into the applicable Order Form.

c) Free Trial
A time-limited evaluation period, not exceeding thirty (30) days unless extended in writing by AnansiTraps, during which the Client may access a scoped version of the Platform at no charge. Free Trials are subject to these Terms in full. AnansiTraps reserves the right to terminate a Free Trial at any time without notice.

3.3 Cloud Platform Support

The Platform is deployable on and provides deception coverage across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Deployment on these platforms is subject to the respective cloud provider's terms of service in addition to these Terms.

3.4 Updates and Modifications

AnansiTraps continuously develops and improves the Platform. We reserve the right to modify, update, or enhance Platform features and functionality at any time. We will provide reasonable advance notice of changes that materially reduce functionality available to active subscribers. We will not make changes that fundamentally alter the core deception capabilities of the Platform without Client consent.

4. Account Registration and Access

4.1 Account Creation

To access the Platform, the Client must register an account and provide accurate, complete, and current information. The Client is responsible for maintaining the accuracy of account information throughout the Subscription Term.

4.2 Authorized Users

The Client may provision access for Authorized Users up to the number specified in the applicable Order Form. The Client is solely responsible for:

  • Managing Authorized User access and permissions
  • Ensuring Authorized Users comply with these Terms
  • All actions taken by Authorized Users within the Client's account
  • Promptly revoking access for any individual who is no longer an Authorized User

4.3 Account Security

The Client must implement and maintain reasonable security measures to protect account credentials, including enforcing multi-factor authentication (MFA) where supported. The Client must notify AnansiTraps immediately at legal@anansitraps.com upon becoming aware of any unauthorized access to or use of the Client's account.

4.4 Government and Financial Institution Accounts

Clients that are government entities or regulated financial institutions acknowledge that their use of the Platform may be subject to additional regulatory requirements. AnansiTraps will cooperate in good faith with reasonable compliance-related requests from such Clients, subject to mutual agreement on scope and timeline.

5. Acceptable Use

5.1 Permitted Use

The Client may use the Platform solely for lawful cybersecurity purposes within its own infrastructure or, in the case of MSSPs, within client environments for which the MSSP has obtained explicit written authorization. Permitted use includes deploying Deception Assets, monitoring threat telemetry, investigating security incidents, conducting authorized red team/blue team exercises, and integrating the Platform with authorized third-party security tools.

5.2 Prohibited Use

The Client must not, and must ensure Authorized Users do not:

  • Use the Platform to deploy Deception Assets within any infrastructure the Client does not own or does not have explicit written authorization to monitor
  • Use the Platform to conduct offensive cyberattacks, unauthorized penetration testing, or any activity that violates applicable computer crime or cybersecurity laws
  • Attempt to reverse engineer, decompile, disassemble, or derive source code from the Platform
  • Resell, sublicense, or otherwise transfer Platform access to any third party except as expressly authorized in writing by AnansiTraps
  • Introduce malware, ransomware, or any malicious code into the Platform or AnansiTraps infrastructure
  • Use the Platform to process, store, or transmit data in violation of applicable privacy laws or third-party rights
  • Circumvent, disable, or interfere with any security, access control, or licensing mechanism within the Platform
  • Use the Platform in any manner that could damage, overload, or impair AnansiTraps systems or infrastructure
  • Misrepresent AnansiTraps' capabilities, certifications, or partnerships in any external communications

5.3 MSSP and Reseller Obligations

MSSPs and Resellers accessing the Platform on behalf of end clients bear full responsibility for ensuring that end client deployments comply with these Terms. MSSPs and Resellers must maintain written authorization from each end client prior to deploying Deception Assets in that client's environment and must provide copies of such authorization to AnansiTraps upon request.

6. Subscriptions, Fees, and Payment

6.1 Fees

Subscription fees, Managed Security Service fees, and any professional services fees are as specified in the applicable Order Form. All fees are quoted in the currency stated on the Order Form and are exclusive of applicable taxes unless otherwise stated.

6.2 Payment Terms

Unless otherwise agreed in writing, invoices are due and payable within thirty (30) days of the invoice date. For annual subscriptions, fees are invoiced at the start of each Subscription Term. For monthly subscriptions, fees are invoiced at the start of each monthly period.

6.3 Late Payment

Undisputed amounts not paid by the due date will accrue interest at the rate of 1.5% per month (or the maximum rate permitted by applicable law, whichever is lower) from the due date until the date of actual payment. AnansiTraps reserves the right to suspend Platform access for accounts with overdue balances after providing fourteen (14) days' written notice.

6.4 Taxes

The Client is responsible for all applicable taxes, levies, duties, or similar government charges associated with its use of the Platform, excluding taxes based on AnansiTraps' net income.

6.5 Price Changes

AnansiTraps may adjust subscription pricing at renewal with a minimum of sixty (60) days' written notice prior to the end of the then-current Subscription Term. Price changes do not apply to the current committed Subscription Term.

6.6 Government Procurement

Government and public sector Clients whose procurement processes require specific payment terms, purchase orders, or tender procedures should contact legal@anansitraps.com to discuss accommodation of such requirements prior to execution of an Order Form.

7. Subscription Term, Renewal, and Cancellation

7.1 Initial Term

The Subscription Term commences on the date specified in the Order Form and continues for the period stated therein (typically twelve (12) months for annual subscriptions).

7.2 Auto-Renewal

Unless either party provides written notice of non-renewal at least thirty (30) days prior to the end of the then-current Subscription Term, the subscription will automatically renew for a period equal to the initial Subscription Term at the then-current pricing.

7.3 Cancellation by Client

The Client may cancel a monthly subscription with thirty (30) days' written notice. Annual subscriptions are non-cancellable mid-term except as provided under Section 13 (Termination for Cause). No refunds are provided for prepaid subscription fees upon mid-term cancellation except where required by applicable law.

7.4 Free Trial Conversion

At the end of a Free Trial, Platform access will automatically cease unless the Client executes an Order Form. AnansiTraps will provide notice at least five (5) days before Free Trial expiry.

8. Intellectual Property

8.1 AnansiTraps IP

AnansiTraps retains all right, title, and interest in and to the Platform, Documentation, deception methodologies, algorithms, threat intelligence frameworks, and all improvements, modifications, and derivative works thereof. These Terms do not grant the Client any ownership rights in the Platform. The AnansiTraps name, logo, and all associated marks are the exclusive property of AnansiTraps Ltd.

8.2 Client License

Subject to these Terms and timely payment of all applicable fees, AnansiTraps grants the Client a limited, non-exclusive, non-transferable, non-sublicensable license to access and use the Platform solely for the Client's internal cybersecurity operations during the Subscription Term.

8.3 Client Data Ownership

The Client retains all right, title, and interest in Client Data. AnansiTraps does not claim ownership of Client Data. The Client grants AnansiTraps a limited license to process Client Data solely as necessary to deliver the Services.

8.4 Threat Intelligence Data

Threat Intelligence Data generated by Deception Assets deployed within the Client's environment is owned by the Client. AnansiTraps may use aggregated, anonymized, and de-identified Threat Intelligence Data for the purpose of improving the Platform, developing threat detection models, and publishing aggregate threat research reports. Such use will never identify the Client or any individual.

8.5 Feedback

If the Client provides suggestions, ideas, or feedback regarding the Platform ("Feedback"), AnansiTraps may use such Feedback without restriction or obligation to the Client. Feedback does not constitute Confidential Information.

9. Confidentiality

9.1 Obligations

Each party agrees to hold the other party's Confidential Information in strict confidence, to use it only for purposes of performing or receiving the Services under these Terms, and not to disclose it to any third party without the disclosing party's prior written consent, except to employees, contractors, or advisors with a need to know who are bound by confidentiality obligations no less protective than those in this Section.

9.2 Exclusions

Confidentiality obligations do not apply to information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was already known to the receiving party prior to disclosure; (c) is independently developed by the receiving party without use of Confidential Information; or (d) is required to be disclosed by law or court order, provided the receiving party gives prompt written notice to the disclosing party and cooperates with any effort to seek a protective order.

9.3 Duration

Confidentiality obligations survive termination or expiry of these Terms for a period of five (5) years, except with respect to trade secrets, which shall be protected for as long as they qualify as such under applicable law.

9.4 Security of Confidential Information

Given the sensitive nature of cybersecurity engagements, both parties agree to apply security measures to Confidential Information that are no less rigorous than those applied to their own most sensitive information, and in no event less than reasonable security measures.

10. Data Protection and Privacy

10.1 Data Processing

To the extent that AnansiTraps processes personal data on behalf of the Client in the course of delivering the Services, such processing is governed by AnansiTraps' Data Processing Agreement (DPA), which is incorporated into these Terms by reference and is available at www.anansitraps.com/dpa. In the event of a conflict between these Terms and the DPA with respect to personal data processing, the DPA takes precedence.

10.2 Client Responsibilities

The Client is solely responsible for ensuring that its deployment of Deception Assets, and its use of Threat Intelligence Data, complies with applicable privacy laws, employment laws, and any internal policies governing monitoring of individuals within the Client's environment. AnansiTraps does not provide legal advice on the legality of specific deployment configurations.

10.3 Security Incident Notification

AnansiTraps will notify the Client without undue delay upon becoming aware of a confirmed security incident affecting Client Data. Notification will be provided in accordance with applicable data protection law and the terms of the DPA.

11. Warranties and Representations

11.1 AnansiTraps Warranties

AnansiTraps warrants that:

  • The Platform will perform materially in accordance with the Documentation during the Subscription Term
  • AnansiTraps will deliver Managed Security Services with reasonable skill and care
  • AnansiTraps has the right and authority to enter into these Terms and grant the licenses herein
  • The Platform does not, to AnansiTraps' knowledge, infringe any third-party intellectual property rights

11.2 Client Warranties

The Client warrants that:

  • It has the authority to enter into these Terms and bind its organization
  • It has obtained all necessary authorizations to deploy Deception Assets within the infrastructure environments specified in its Order Form
  • Its use of the Platform will comply with all applicable laws and regulations
  • It will not use the Platform for any unlawful or unauthorized purpose

11.3 Disclaimer

EXCEPT AS EXPRESSLY SET OUT IN SECTION 11.1, THE PLATFORM AND ALL SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE." ANANSITRAPS DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. ANANSITRAPS DOES NOT WARRANT THAT THE PLATFORM WILL BE UNINTERRUPTED, ERROR-FREE, OR THAT IT WILL DETECT ALL ADVERSARIAL ACTIVITY WITHIN THE CLIENT'S ENVIRONMENT. CYBER DECEPTION IS ONE LAYER OF A DEFENCE-IN-DEPTH STRATEGY AND DOES NOT CONSTITUTE A COMPLETE CYBERSECURITY SOLUTION.

12. Limitation of Liability

12.1 Exclusion of Consequential Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF DATA, BUSINESS INTERRUPTION, OR REPUTATIONAL HARM, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

12.2 Cap on Liability

EACH PARTY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS, WHETHER IN CONTRACT, TORT, OR OTHERWISE, SHALL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY THE CLIENT TO ANANSITRAPS IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

12.3 Exceptions

The limitations in Sections 12.1 and 12.2 do not apply to: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; (c) a party's indemnification obligations under Section 14; (d) the Client's breach of Section 5.2 (Prohibited Use); or (e) any liability that cannot be excluded or limited under applicable law.

12.4 Government Clients

Where the Client is a government entity and applicable law restricts the application of certain liability limitations to government contracts, the parties agree to negotiate in good faith reasonable alternative liability provisions that achieve a commercially equivalent outcome.

13. Term and Termination

13.1 Term

These Terms commence on the date the Client first accesses the Platform or executes an Order Form and continue until the expiry or termination of all active Subscription Terms.

13.2 Termination for Cause

Either party may terminate these Terms or any active Order Form immediately upon written notice if:

  • The other party materially breaches these Terms and fails to cure such breach within thirty (30) days of receiving written notice specifying the breach
  • The other party becomes insolvent, makes a general assignment for the benefit of creditors, or becomes subject to insolvency, bankruptcy, or liquidation proceedings

13.3 Termination by AnansiTraps

AnansiTraps may suspend or terminate Platform access immediately and without liability if:

  • The Client breaches Section 5.2 (Prohibited Use)
  • AnansiTraps reasonably believes continued access poses a security risk to the Platform or other clients
  • Required to do so by applicable law or regulatory authority

13.4 Effect of Termination

Upon termination or expiry:

  • All licenses granted under these Terms immediately cease
  • The Client must promptly cease all use of the Platform and destroy or return any AnansiTraps Confidential Information
  • AnansiTraps will make Client Data available for export for a period of thirty (30) days following termination, after which it will be securely deleted in accordance with the DPA
  • All accrued payment obligations survive termination
  • Sections 8, 9, 10, 12, 14, 15, and 16 survive termination or expiry

14. Indemnification

14.1 By AnansiTraps

AnansiTraps will defend, indemnify, and hold harmless the Client against any third-party claim alleging that the Platform, as delivered and used in accordance with these Terms, infringes any patent, copyright, trademark, or trade secret. This obligation does not apply if the alleged infringement arises from Client modifications, Client Data, or use of the Platform in combination with third-party products not approved by AnansiTraps.

14.2 By the Client

The Client will defend, indemnify, and hold harmless AnansiTraps against any third-party claim arising from: (a) the Client's breach of these Terms; (b) unauthorized deployment of Deception Assets; (c) the Client's use of the Platform in violation of applicable law; or (d) Client Data infringing any third-party rights.

14.3 Indemnification Process

The indemnified party must: (a) promptly notify the indemnifying party in writing of the claim; (b) grant the indemnifying party sole control of the defense and settlement; and (c) provide reasonable cooperation. The indemnifying party may not settle any claim that imposes liability or obligation on the indemnified party without prior written consent.

15. Governing Law and Dispute Resolution

15.1 Governing Law

These Terms are governed by and construed in accordance with the laws of Kenya, without regard to its conflict of law principles. For Clients located in the European Union, mandatory consumer protection provisions of the Client's local law shall also apply where required.

15.2 Dispute Resolution

The parties agree to first attempt to resolve any dispute arising out of or in connection with these Terms through good faith negotiation between senior representatives of each party for a period of thirty (30) days following written notice of the dispute.

15.3 Arbitration

If a dispute is not resolved through negotiation, it shall be finally resolved by binding arbitration under the Nairobi Centre for International Arbitration (NCIA) Rules, with the seat of arbitration in Nairobi, Kenya. The arbitration shall be conducted in English by a single arbitrator agreed upon by the parties, or failing agreement, appointed by the NCIA. The arbitral award shall be final and binding.

15.4 Injunctive Relief

Nothing in this Section prevents either party from seeking urgent injunctive or other equitable relief from a court of competent jurisdiction where necessary to prevent irreparable harm, including in connection with a breach of confidentiality or intellectual property obligations.

15.5 Jurisdiction Variations

For Clients that are government entities subject to mandatory local dispute resolution requirements, the parties agree to negotiate alternative dispute resolution provisions that satisfy such requirements while preserving the intent of this Section.

16. General Provisions

16.1 Entire Agreement

These Terms, together with all applicable Order Forms, the DPA, and any executed SLAs, constitute the entire agreement between the parties with respect to the Platform and supersede all prior agreements, understandings, and negotiations relating to the subject matter hereof.

16.2 Order of Precedence

In the event of a conflict between documents, the order of precedence shall be: (1) Order Form; (2) Data Processing Agreement; (3) Service Level Agreement; (4) these Terms.

16.3 Amendments

AnansiTraps may amend these Terms from time to time. Material amendments will be communicated to active Clients via email and posted on our Site with at least thirty (30) days' notice before taking effect. Continued use of the Platform after the effective date constitutes acceptance of the amended Terms. For government and regulated financial institution Clients with active Order Forms, material amendments take effect only at the next renewal unless agreed otherwise.

16.4 Assignment

The Client may not assign or transfer these Terms or any rights hereunder without AnansiTraps' prior written consent. AnansiTraps may assign these Terms in connection with a merger, acquisition, or sale of all or substantially all of its assets, provided that the assignee assumes all obligations hereunder and written notice is given to the Client.

16.5 Force Majeure

Neither party is liable for any failure or delay in performance caused by circumstances beyond its reasonable control, including acts of God, war, civil unrest, cyberattacks on third-party infrastructure, government action, pandemic, or natural disaster, provided the affected party gives prompt written notice and uses reasonable efforts to resume performance.

16.6 Severability

If any provision of these Terms is found invalid or unenforceable, that provision will be modified to the minimum extent necessary to make it enforceable, and the remaining provisions will continue in full force and effect.

16.7 Waiver

No failure or delay by either party in exercising any right under these Terms constitutes a waiver of that right. Waivers must be in writing to be effective.

16.8 Notices

All legal notices under these Terms must be in writing and delivered by email with read receipt or by courier to the addresses specified in the applicable Order Form. Notices to AnansiTraps should be addressed to legal@anansitraps.com.

16.9 Relationship of Parties

The parties are independent contractors. Nothing in these Terms creates a partnership, joint venture, agency, franchise, or employment relationship between the parties.

16.10 Export Compliance

The Client acknowledges that the Platform may be subject to export control laws and regulations. The Client agrees not to export, re-export, or transfer the Platform or any related technical data to any country, entity, or individual in violation of applicable export control laws, including but not limited to those of Kenya, the United States, and the European Union.

16.11 Anti-Corruption

Each party represents that it has not and will not offer, pay, promise, or authorize any bribe, kickback, or improper payment in connection with these Terms, in compliance with applicable anti-corruption laws including the Bribery Act and the US Foreign Corrupt Practices Act.

17. Contact

For questions regarding these Terms, Order Forms, or contractual matters, please contact:

AnansiTraps Ltd.
Attn: Legal & Contracts
Nairobi, Kenya

Email: legal@anansitraps.com
Response time: Within 5 business days