AI-SOC 1 Policy
Terms of Use
1. About These Terms
1.1 Agreement Scope: These Terms of Use ("Terms") govern your access to and use of the Silence AI platform and services provided by Silence AI LLC ("Silence AI," "we," "us," or "our"). These Terms apply to you, the individual or entity accessing our services ("you" or "your"), and your employer or principal if you are acting on their behalf.
1.2 Authority and Acceptance: If you are entering into these Terms on behalf of a company, organization, or other entity, you represent that you have the authority to bind such entity to these Terms. By accessing or using our services, you agree to be bound by these Terms. If you do not agree with these Terms, you must discontinue use of our services immediately.
1.3 Service Domain and Scope: The AI-SOC 1 system operates across three dedicated domains, each serving a distinct functional role: (i) web-soc.silenceai.net — the Centralized Management Console (CMC) for the Web Security & Traffic Management subsystem, accessible to administrators; (ii) email-soc.silenceai.net — the Centralized Management Console (CMC) for the Email Security & Visualization subsystem, accessible to administrators; and (iii) mail.silenceai.net — the Webmail Client through which end users send and receive emails, accessible to users without administrative privileges. These Terms of Use apply exclusively to services accessible through the aforementioned domains. Any services provided on different domains are subject to separate terms and policies.
1.4 Age Requirement: Our services are intended for users who are at least 13 years old. By accessing or using the services, you represent and warrant that you are 13 years of age or older. If you are under 13, you must not access or use the services.
2. Service Description and Pricing
2.1 Web Security & Traffic Management: Web Security & Traffic Management provides web application protection, real-time traffic monitoring, country-level access control, and port restriction features. It protects against most types of web attacks, including DDoS, SQL injection, and other common web vulnerabilities, excluding business-logic vulnerabilities. This component includes two subsystems: the Agent and the Centralized Management Console (CMC). The CMC is responsible for administration and visualization, such as connecting your websites to the Agent. The Agent is responsible for protection and operates as a reverse proxy that filters all incoming traffic, forwarding only legitimate requests to your website.
2.2 Email Security & Visualization: Email Security & Visualization offers AI-powered email protection with advanced email-flow visualization, phishing and spoofing defense, and spam filtering. This component includes the CMC and a secure Webmail Client. The Webmail Client currently supports Outlook- and Gmail-based accounts and is designed for your company's corporate email addresses. The CMC lets administrators add and manage corporate email accounts and provides a visual view of all incoming and outgoing emails across the organization.
During mailbox migration from existing Gmail or Outlook accounts, Silence AI does not scan, analyze, or classify the content of migrated emails. Only after migration, when the Webmail Client is in active use, are all incoming emails automatically scanned and classified for security purposes. This refusal to process migrated email content is a deliberate privacy and compliance measure.
2.2.1 Five-Layer Email Security Architecture: The Email Security & Visualization component integrates a comprehensive five-layer sequential validation process for all incoming emails. Each email undergoes the following security assessment sequence:
Layer 1 — Sender Authentication Verification: Validation of email authenticity through analysis of SPF, DKIM, and DMARC authentication protocols to detect spoofed or forged sender addresses.
Layer 2 — Spam Detection: Identification of unsolicited bulk email, messages from senders with improper DNS configurations, and patterns consistent with spam distribution networks.
Layer 3 — Dangerous Link Analysis: Automated scanning and evaluation of all hyperlinks embedded within email content and attachments to identify malicious URLs, exploit distribution sites, and compromised domains.
Layer 4 — Domain-Based Phishing Detection: Analysis of sender domain characteristics to detect typosquatting, lookalike domains, and other domain-based phishing techniques (e.g., detection of "rncrosoft.com" impersonating legitimate domains).
Layer 5 — AI-Powered Content Analysis: Utilization of artificial intelligence to analyze email body content for phishing context, social engineering indicators, and fraudulent communication patterns.
2.2.2 Automated Folder Classification: Based on the results of the five-layer validation process, emails are automatically classified and routed to designated security folders: Possibly Spoofed (failed authentication), Spam (spam characteristics detected), Dangerous Link (malicious URLs identified), Possibly Phishing (phishing indicators detected), or Secure (passed all validation layers). This classification system enables users to efficiently identify and manage security threats while maintaining access to verified secure communications.
2.3 Pricing Information: Current pricing for AI-SOC 1 services is available on our website at silenceai.net/en/ai-soc/. We reserve the right to modify our pricing at any time. Price changes will be communicated through our platform and will take effect for new billing cycles after the notification period.
3. Service Level Agreement and Availability
3.1 100% Uptime SLA Guarantee: We provide a 100% Service Level Agreement (SLA) for service availability. In the event of any downtime that affects your use of our services, you are entitled to a full money-back guarantee for all pay-as-you-go fees charged by the system during the affected period. Downtime is measured in whole minutes from the moment service becomes unavailable to the moment full service is restored. The refundable amount is calculated as the total pay-as-you-go usage fees accrued by the system during each confirmed minute of downtime, as recorded in our billing logs.
3.2 Email Delivery Speed SLA: We provide a 100% SLA for email delivery speed within the Email Security & Visualization component. All incoming emails processed by the system are guaranteed to be delivered to the recipient's designated security folder within ten (10) minutes of receipt by our platform. In the event that any email delivery exceeds this ten-minute threshold due to a fault attributable to our platform, the affected pay-as-you-go fees charged during the period of delay shall be subject to the money-back guarantee set out in Section 3.1. This SLA applies solely to delays caused by our platform and does not cover delays attributable to third-party mail providers, network transit, or sender-side infrastructure.
3.3 Service Availability: While we strive to maintain continuous service availability, we may suspend or terminate access to our services for maintenance, updates, or other operational requirements with advance notice when possible. Planned maintenance windows communicated in advance are excluded from SLA downtime calculations under Sections 3.1 and 3.2.
4. User Responsibilities and Acceptable Use
4.1 Account Security: You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.
4.2 Lawful Use: You agree to use our services only for lawful purposes and in compliance with all applicable laws and regulations.
4.3 Prohibited Activities: You agree not to: Use our services to conduct unauthorized security testing on systems you do not own or have explicit permission to test. Attempt to interfere with the proper functioning of our services. Use automated tools to access our services except as explicitly permitted. Engage in any activity that could harm our infrastructure or other users.
5. Data Processing and Infrastructure
5.1 Privacy Policy: Our collection, use, and protection of your information is governed by our Privacy Policy, which is incorporated into these Terms by reference and available at https://silenceai.net/policies/privacy/.
6. Service Activation and Free Trials
6.1 Component Activation: Each service component requires individual activation. Before activation, you will have access to system demonstrations, pricing videos, and informational content. The activation process is free, and you only pay for actual usage, which you must explicitly initiate.
6.2 Consent Process: When you click "Activate" for any service component, a popup window will appear containing the relevant privacy policy and terms specific to that component. You must provide consent before the service becomes fully accessible.
7. Intellectual Property Rights
7.1 Our Rights: We retain all intellectual property rights in our platform, services, technologies, and content. Nothing in these Terms grants you any rights to our intellectual property except as necessary to use our services as intended.
7.2 Your Content: You retain ownership of any content you provide to our services. By using our services, you grant us a limited license to process, analyze, and store your content solely for the purpose of delivering our services to you.
8. Privacy and Data Protection
8.1 Privacy Policy: Our collection, use, and protection of your personal information is governed by our Privacy Policy, which is incorporated into these Terms by reference and available at https://silenceai.net/policies/privacy/.
8.2 Data Security: We implement industry-standard security measures to protect your data and maintain the confidentiality of your information.
8.3 Prohibition on Unauthorized Staff Access to Client Email Data: Silence AI personnel — including employees, contractors, officers, directors, and any other human agents acting on behalf of Silence AI LLC — are strictly prohibited from reading, accessing, copying, or otherwise reviewing the content of any email messages, email attachments, or email metadata belonging to or associated with a client's mailboxes, without the prior, explicit, and documented written consent of the relevant client organization. This prohibition applies regardless of whether such email data is technically accessible via internal systems, administrative tooling, or third-party API integrations used to provide the Email Security & Visualization component of the Service. Client email data is processed exclusively by automated systems for the sole purpose of delivering the contracted security-scanning and visualization services. Any deviation from this rule, including access for debugging, support, or audit purposes, must be preceded by a written authorization request submitted to, and approved in writing by, an authorized representative of the client. Unauthorized access to client email data by any Silence AI personnel constitutes a material breach of this Agreement and may result in disciplinary action, termination of employment or engagement, and civil or criminal liability under applicable law. Silence AI maintains internal access-control policies and audit logs to enforce and evidence compliance with this provision.
8.4 Email Security and Domain Protection Mechanisms: As part of the Email Security & Visualization component of the Service, Silence AI enforces industry-standard email authentication mechanisms — including Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) — designed to prevent unauthorized use of a customer's registered domain for the purposes of email spoofing, impersonation, or fraudulent message delivery.
8.4.1 DMARC Policy Configuration During Setup: As part of the mandatory domain configuration process, customers are required to complete a guided setup flow during which they must explicitly select a DMARC enforcement policy for their domain. The platform provides exactly two enforcement options: "reject" (instructing receiving mail servers to discard unauthenticated messages outright) or "quarantine" (instructing receiving mail servers to treat unauthenticated messages as suspicious and route them to a separate folder or hold queue). No alternative enforcement levels are available within the platform. Domain activation is contingent upon the customer completing this configuration step and selecting one of the two aforementioned enforcement policies. The customer retains full responsibility for publishing and maintaining the appropriate DNS records necessary to activate and enforce their selected DMARC policy on their domain.
8.4.2 SPF and DKIM Alignment Enforcement: The platform enforces alignment checks using SPF and DKIM in accordance with DMARC alignment requirements, as defined by RFC 7489. These alignment checks are designed to ensure that only authorized sending sources — those whose infrastructure is explicitly permitted by the customer's published DNS records — may send email on behalf of the customer's domain within supported email flows. Alignment verification is performed where technically supported by the platform's infrastructure and the receiving mail server's configuration. Silence AI does not warrant that alignment enforcement will prevent all forms of domain misuse in environments where the customer has not fully published the requisite DNS records or where third-party sending infrastructure bypasses authenticated email flows.
8.4.3 Default Secure Baseline Configuration: In the event that a customer registers with the Service and does not modify the default DNS or email security settings provided upon account creation, the platform will apply a recommended secure baseline configuration to that customer's email security profile. This baseline configuration is intended to minimize spoofing risk and is consistent with widely accepted email authentication best practices. Customers are strongly encouraged to review and customize their DNS and email authentication settings to reflect their specific operational requirements. The application of the default baseline configuration does not constitute a guarantee of absolute protection against email spoofing or domain abuse.
8.4.4 Scope and Limitations of Domain Protection: The email authentication mechanisms described in this section are designed to prevent unauthorized third-party email sending using the customer's domain within supported infrastructure and properly configured email flows. These mechanisms are enforced where technically supported and are subject to the following limitations: (i) enforcement efficacy is contingent upon the customer's correct and timely publication of SPF, DKIM, and DMARC DNS records; (ii) protection is limited to email flows that pass through or are evaluated by Silence AI's platform infrastructure; and (iii) the platform does not control, and therefore cannot enforce authentication policies against, email sent through third-party infrastructure that has not been authorized or connected to the Service. Nothing in this section shall be construed as an absolute guarantee that unauthorized use of the customer's domain for email spoofing will be fully prevented in all circumstances.
8.4.5 Compatibility with Major Email Receiving Platforms: The email authentication standards enforced by the platform — SPF, DKIM, and DMARC — are designed to be compatible with, and are recognized by, the email receiving infrastructure of major commercial and enterprise email providers, including but not limited to:
Gmail (Google LLC): Emails authenticated through the platform are designed to be compatible with Gmail's inbound authentication evaluation systems, operating on the google.com and gmail.com mail infrastructure.
Microsoft Outlook / Office 365 (Microsoft Corporation): The platform's authentication mechanisms are intended to align with the email security enforcement policies applied by Microsoft Exchange Online and the broader Outlook and Office 365 ecosystem, operating on the outlook.com and microsoft.com mail infrastructure.
Yahoo Mail (Yahoo Inc.): Properly authenticated emails processed through the platform are designed to meet the inbound DMARC and authentication enforcement standards applied by Yahoo Mail's receiving infrastructure, operating on the yahoo.com mail domain.
Apple iCloud Mail (Apple Inc.): The platform's email authentication configuration is intended to be compatible with iCloud Mail's inbound security policy enforcement, operating on the icloud.com mail infrastructure.
Zoho Mail (Zoho Corporation): Emails authenticated through the platform are designed to align with the SPF, DKIM, and DMARC evaluation policies enforced by Zoho Mail's receiving systems, operating on the zoho.com mail infrastructure.
Silence AI does not control the email security policies, filtering behavior, or DMARC enforcement configurations of any third-party email receiving provider. Deliverability outcomes and the enforcement of DMARC policies are ultimately evaluated and determined by the recipient mail server infrastructure. Accordingly, actual deliverability and authentication enforcement behavior may vary depending on each receiving provider's own security configurations, policy updates, and operational practices. Silence AI makes no representations or warranties regarding the specific deliverability outcomes of any email transmitted through or authenticated by the platform when evaluated by third-party mail servers.
9. Limitation of Liability
9.1 Service Limitations: Except for our SLA guarantee regarding service availability, our services are provided "as is" without warranties of any kind. We do not guarantee that our services will meet all your security requirements or detect all possible vulnerabilities.
9.2 Liability Cap: Our total liability to you for any claims arising from these Terms or your use of our services shall not exceed the amount you paid to us in the twelve months preceding the claim.
9.3 Excluded Damages: We shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or business opportunities.
10. Version Updates and Support
10.1 Service Updates: We may release new versions of our services from time to time. When a new version is released, we reserve the right to discontinue support for previous versions with reasonable notice.
10.2 Compatibility: You are responsible for ensuring compatibility with supported versions of our services and updating to current versions as needed.
11. Termination
11.1 Termination by You: You may terminate your use of our services at any time by discontinuing use and closing your account.
11.2 Termination by Us: We may suspend or terminate your access to our services if you violate these Terms or engage in activities that harm our services or other users.
12. Indemnification
You agree to indemnify and hold harmless Silence AI from any claims, damages, or expenses arising from your use of our services, including any unauthorized security testing or violation of these Terms.
13. Governing Law and Disputes
13.1 Applicable Law: These Terms are governed by the laws of the United Arab Emirates, without regard to conflict of law principles.
13.2 Dispute Resolution: If You have any concern or dispute about the Service, You agree to first try to resolve the dispute informally by contacting us. If informal resolution is unsuccessful, disputes shall be resolved through binding arbitration or in courts of competent jurisdiction as determined by applicable law of the United Arab Emirates.
14. Changes to Terms
We reserve the right to modify these Terms at any time. We will notify you of material changes through our platform or via email. Your continued use of our services after such modifications constitutes acceptance of the updated Terms.
15. Contact Information
For questions about these Terms or our services, please contact us at:
Silence AI LLC
Email: info@silenceai.net
Website: silenceai.net
Business registration location: Shams Business Center, Sharjah Media City Free Zone, Al Messaned, Sharjah, UAE
16. Miscellaneous
16.1 Severability: If any provision of these Terms is found to be unenforceable, the remaining provisions will continue in full force and effect.
16.2 Entire Agreement: These Terms, together with our Privacy Policy, constitute the entire agreement between you and Silence AI regarding your use of our services.
16.3 Assignment: We may assign these Terms or our rights hereunder without your consent. You may not assign these Terms without our prior written consent.
Last Updated: 14.05.2026