Terms of Service

Effective Date: March 21, 2026 | Last Updated: March 24, 2026

These Terms of Service ("Terms") govern your use of the ICOSA Certification platform and related services operated by KYMA Tech Solutions ("KYMA", "we", "us"), a subsidiary of Sage Holdings LLC. By accessing or using our services, you agree to these Terms.

1. Services

KYMA provides AI compliance assessment services through the ICOSA Certification protocol, including:

• AI CR Sentinel: Single-model advisory compliance scans
• Pre-Statement Baseline: Multi-model pattern detection assessments
• ICOSA Certification: Full Byzantine Fault Tolerant multi-model consensus certification with blockchain attestation
• Remediation: Compliance gap analysis and remediation roadmaps

2. Eligibility

You must be at least 18 years old and authorized to bind the organization on whose behalf you are submitting systems for assessment. By using our services, you represent that you have this authority.

3. Assessment Methodology

ICOSA assessments are based on black-box behavioral observation. We evaluate the observable behavior of AI systems against applicable regulatory frameworks. We do not:

• Access, inspect, or store source code, model weights, or training data
• Extract data from assessed systems beyond compliance test responses
• Make determinations about system internals or architecture

4. Attestation Obligations

When submitting an AI system for assessment, you attest that:

1. All behavioral observations and system descriptions are accurate and based on first-hand or independently verified evidence
2. Observation periods, session counts, and methodology details are truthful
3. You have not been induced or compensated to misrepresent observations
4. You understand the ICOSA Council independently cross-validates attestations

Misrepresentation may result in certification denial, revocation, or referral to regulatory authorities.

5. Pricing and Payment

• Pricing is risk-based, determined by EU AI Act risk classification and observed behavioral complexity
• All Sentinel scan costs are 100% credited toward full ICOSA Certification
• We accept: credit/debit cards (via Stripe), Apple Pay, Ethereum, Bitcoin, Polygon, USDT, and CashApp
• All sales are final once an assessment has been initiated
• Failed assessments include one complimentary re-scan within 90 days after remediation

6. Certification Validity

• ICOSA Certificates are valid for 12 months from date of issuance
• Certificates may be revoked if material misrepresentation is discovered
• Blockchain-attested records are immutable and permanent
• Certificates represent compliance status at the time of assessment and do not guarantee future compliance

7. Intellectual Property

• The ICOSA Certification protocol, multi-model consensus methodology, and associated technology are Patent Pending (Application No. 63/789,142)
• All content, software, and materials on this platform are owned by KYMA Tech Solutions / Sage Holdings LLC
• Assessment reports are licensed to the purchasing organization for their internal use and regulatory submissions
• You may not reproduce, redistribute, or commercially exploit assessment methodology or reports without written permission

8. Limitation of Liability

ICOSA assessments are advisory in nature and do not constitute legal advice or guarantee regulatory compliance. Specifically:

• Assessment results reflect the information available at the time of assessment
• We are not liable for regulatory actions, fines, or penalties arising from your AI system's compliance status
• Our total liability shall not exceed the fees paid for the specific assessment in question
• We are not liable for indirect, incidental, consequential, or punitive damages

9. Disclaimer

Services are provided "as is" and "as available." We make no warranties, express or implied, regarding:

• The completeness or accuracy of regulatory interpretations
• Uninterrupted or error-free service availability
• Compatibility with future regulatory amendments

10. Acceptable Use

You agree not to:

• Submit fraudulent, fabricated, or misleading attestations
• Attempt to reverse-engineer, exploit, or interfere with the assessment protocol
• Use the service to circumvent or evade legitimate regulatory requirements
• Scrape, crawl, or automated-access the platform without authorization
• Attempt to access administrative endpoints or other users' data

11. Data Handling

Your data is processed in accordance with our Privacy Policy. By using our services, you consent to data processing as described therein.

12. Incident Reporting

If you discover a security vulnerability or data incident related to our services:

• Report immediately to: compliance@kymatech.online
• We commit to acknowledging reports within 24 hours
• We commit to providing a substantive response within 72 hours
• Responsible disclosure is appreciated and will not result in legal action against good-faith reporters

13. Governing Law

These Terms are governed by the laws of the State of California, United States. Any disputes shall be resolved in the courts of Orange County, California, unless otherwise required by applicable consumer protection laws in your jurisdiction.

14. Modifications

We may modify these Terms at any time. Material changes will be communicated via email to registered users at least 30 days before taking effect. Continued use after the effective date constitutes acceptance.

15. Severability

If any provision of these Terms is found unenforceable, the remaining provisions continue in full force and effect.

16. Contact

KYMA Tech Solutions (subsidiary of Sage Holdings LLC)
2442 Vassar Pl, Costa Mesa, CA 92626
Email: compliance@kymatech.online
Phone: 714-612-8902