1. Definitions

As used in these Terms:

• "BridgeThru," "we," "us," or "our" refers to the BridgeThru platform and its operators.
• "Service" means the BridgeThru remote access platform, including the web portal, endpoint agents, desktop console, APIs, and all associated features.
• "Customer" or "you" means the organization or individual that registers for an account and agrees to these Terms.
• "User" means any person authorized by a Customer to access the Service under that Customer's account.
• "Seat" means a concurrent session license entitling one simultaneous remote session of the specified tier (Basic, Advanced, or Classified).
• "Endpoint Agent" means the BridgeThru software installed on a device to enable remote access to that device.
• "Classified Device" means any device or site designated by a Customer as requiring a Classified seat to access.
• "Session" means an active remote access connection between a User and a remote device through the Service.

2. Description of Services

BridgeThru provides enterprise remote access software enabling technicians to remotely view, control, and manage devices on which the Endpoint Agent has been installed. Features vary by seat tier:

• Basic Seats: Remote screen share, keyboard and mouse control, unattended access, device inventory, AI diagnostics, network scanning, and audit logs.
• Advanced Seats: All Basic features plus full peripheral redirection (USB, clipboard, audio), multi-monitor support, session recording, file transfer, and API access.
• Classified Seats: All Advanced features plus access to Classified-designated devices and sites, enhanced audit logging, and classified device isolation enforcement.

BridgeThru is provided as a subscription service. We reserve the right to update, modify, or discontinue any feature with reasonable notice. We do not guarantee that any specific feature will be available indefinitely.

3. Accounts and Registration

To use the Service, you must create an account and provide accurate, complete, and current information. You are responsible for:

• Maintaining the confidentiality of all account credentials, including passwords and API keys.
• All activities that occur under your account, whether or not authorized by you.
• Immediately notifying BridgeThru at support@bridgethru.com of any unauthorized access or security breach affecting your account.
• Ensuring that all Users under your account are aware of and comply with these Terms.
• The security of the devices on which the Endpoint Agent is installed.

BridgeThru will not be liable for any loss or damage arising from your failure to maintain the security of your account credentials. You may not share login credentials between Users. Each User must have a unique login.

4. Acceptable Use Policy

You agree to use the Service only for lawful purposes and in accordance with these Terms. You must not:

• Access any device through the Service without authorization from the device owner or your organization's authorized administrator.
• Use the Service to intercept, monitor, or record sessions of individuals without their knowledge where required by applicable law.
• Use the Service to transmit malware, ransomware, or any other malicious code to remote devices.
• Use the Service to access competitor systems, engage in corporate espionage, or exfiltrate confidential data without authorization.
• Attempt to gain unauthorized access to any portion of the Service, its infrastructure, or another Customer's data.
• Reverse-engineer, decompile, or disassemble any portion of the Service.
• Resell or sublicense the Service without explicit written consent from BridgeThru.
• Use the Service in any manner that could overload, damage, or impair the Service's infrastructure.
• Remove or circumvent any security controls, seat enforcement, or access controls built into the Service.

Violation of this Acceptable Use Policy may result in immediate suspension or termination of your account, without refund, and may be reported to law enforcement authorities.

5. Seat Licensing and Subscriptions

BridgeThru operates on a concurrent seat licensing model. Each seat represents one simultaneous remote session of the specified tier. Key terms of the seat licensing model include:

• Concurrency: A seat is occupied during an active Session and released when the Session ends. The number of seats purchased equals the maximum number of simultaneous Sessions your organization may run.
• Seat Tiers: Users may be assigned a seat tier by an administrator. A user assigned to a higher tier may use lower-tier seats, but will receive only the features of the seat actually claimed, not their assigned tier.
• Classified Access: Access to Classified-designated devices requires an active Classified seat. If no Classified seat is available, a user may optionally connect using a lower-tier seat, but Classified device access will be blocked at the session level.
• Seat Modification: Seats may be added at any time and will be prorated. Seat reductions take effect at the end of the current billing cycle.

6. Payment and Billing

Subscriptions are billed monthly or annually in advance. All fees are in U.S. dollars. By providing payment information, you authorize BridgeThru (or its payment processor) to charge your payment method for all subscription fees.

• Subscriptions auto-renew unless cancelled at least 24 hours before the renewal date.
• We reserve the right to change pricing with 30 days' advance notice. Continued use after the effective date constitutes acceptance of the new pricing.
• Refunds are not provided for partial months or unused seats, except where required by applicable law.
• Accounts with overdue payments may be suspended. Suspended accounts retain their data for 30 days, after which data may be permanently deleted.
• Disputed charges must be reported to support@bridgethru.com within 60 days of the charge date.

7. Security — User Responsibilities

BridgeThru implements the following security measures on our end:

• Encrypted communications between the Endpoint Agent and the Service.
• JWT-based authentication with configurable token expiration.
• Multi-factor authentication (MFA) support.
• Role-based access control (RBAC) enforced at the API layer.
• Complete tenant data isolation at the database and session layer.
• Audit logging of all access events.
• Rate limiting on authentication endpoints.
• Seat-level enforcement for Classified device access.

You are responsible for the following security controls within your organization:

• Credential security: Choosing strong, unique passwords; enabling MFA for all Users; revoking access immediately when employees leave.
• Device security: Ensuring that devices with the Endpoint Agent installed are physically and logically secured. A compromised endpoint device may allow unauthorized parties to accept incoming sessions.
• Network security: Securing the networks from which Users access the portal and from which Endpoint Agents connect to the Service.
• Seat assignment: Correctly assigning seat tiers to Users and ensuring that Classified designations are applied only to appropriate devices.
• Third-party software: Ensuring that devices with the Endpoint Agent installed do not have malicious software that could intercept session traffic or credentials.
• Session hygiene: Ending sessions when work is complete; not leaving active sessions unattended.

BridgeThru is not responsible for security incidents that result from: (a) compromised user credentials; (b) malware on user or endpoint devices; (c) network-level attacks outside our infrastructure; (d) social engineering attacks on your personnel; (e) failure to implement MFA; (f) unauthorized physical access to devices with the Endpoint Agent installed; or (g) any other security failure within your organization's control.

8. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

• IN NO EVENT SHALL BRIDGETHRU BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, LOSS OF DATA, LOSS OF BUSINESS, LOSS OF GOODWILL, SERVICE INTERRUPTION, BUSINESS INTERRUPTION, COMPUTER DAMAGE OR SYSTEM FAILURE, OR THE COST OF SUBSTITUTE SERVICES, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR YOUR USE OF THE SERVICE, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE) AND EVEN IF BRIDGETHRU HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
• BRIDGETHRU'S TOTAL AGGREGATE LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THESE TERMS OR YOUR USE OF THE SERVICE SHALL NOT EXCEED THE GREATER OF: (A) THE TOTAL FEES PAID BY YOU TO BRIDGETHRU IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR (B) ONE HUNDRED DOLLARS ($100.00 USD).
• BRIDGETHRU SHALL NOT BE LIABLE FOR ANY UNAUTHORIZED ACCESS TO OR USE OF THE SERVICE THAT RESULTS FROM YOUR FAILURE TO MAINTAIN SECURE CREDENTIALS, YOUR FAILURE TO ENABLE MULTI-FACTOR AUTHENTICATION, COMPROMISED DEVICES WITHIN YOUR ORGANIZATION, OR ANY OTHER SECURITY FAILURE WITHIN YOUR CONTROL.
• BRIDGETHRU IS NOT LIABLE FOR ANY ACTIONS TAKEN BY USERS DURING A REMOTE SESSION, INCLUDING BUT NOT LIMITED TO DATA DELETION, CONFIGURATION CHANGES, OR ANY OTHER MODIFICATIONS TO REMOTE DEVICES.

Some jurisdictions do not allow the exclusion or limitation of incidental or consequential damages, so the above limitations may not apply to you in full. In those jurisdictions, BridgeThru's liability is limited to the maximum extent permitted by law.

9. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. TO THE MAXIMUM EXTENT PERMITTED BY LAW, BRIDGETHRU EXPRESSLY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO:

• WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
• ANY WARRANTY THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE.
• ANY WARRANTY REGARDING THE ACCURACY OR RELIABILITY OF ANY DATA OR INFORMATION OBTAINED THROUGH THE SERVICE.
• ANY WARRANTY THAT THE SERVICE WILL MEET YOUR SPECIFIC REQUIREMENTS OR EXPECTATIONS.

No advice or information, whether oral or written, obtained by you from BridgeThru or through the Service will create any warranty not expressly stated in these Terms.

10. Indemnification

You agree to defend, indemnify, and hold harmless BridgeThru and its officers, directors, employees, contractors, and agents from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including but not limited to attorney's fees) arising from:

• Your use of and access to the Service, including any data or content you transmit or receive through the Service.
• Your violation of any term of these Terms.
• Your violation of any third-party right, including any intellectual property right, privacy right, or other proprietary right.
• Any unauthorized access to devices or systems using your account credentials, whether authorized by you or not.
• Any claim that your use of the Service caused damage to a third party.
• Any security incident attributable to your failure to maintain reasonable security practices as described in Section 7.
• Actions taken by your Users during remote sessions, including unintended modifications, data loss, or system damage on remote devices.
• Your failure to comply with applicable laws, regulations, or industry standards in your use of the Service.

This indemnification obligation will survive the termination of these Terms and your use of the Service.

11. Security Incident Response

In the event of a security incident affecting the BridgeThru platform (meaning an incident within BridgeThru's infrastructure and within our control), we will:

• Notify affected Customers within 72 hours of confirming the incident.
• Provide information about the nature of the incident, the data potentially affected, and the steps we have taken to address it.
• Work to contain and remediate the incident as quickly as practicable.

In the event of a security incident within your organization (such as compromised credentials, a breached endpoint device, or unauthorized access through your account), you are responsible for:

• Immediately resetting all affected credentials and revoking compromised API keys through the Settings page.
• Immediately notifying BridgeThru at support@bridgethru.com so we can assist with containment.
• Any legal reporting obligations applicable to your organization under applicable law (including but not limited to GDPR, CCPA, HIPAA, or state breach notification laws).

BridgeThru will provide reasonable cooperation in your incident response efforts but is not responsible for the costs associated with your incident response, notification obligations, or regulatory compliance arising from incidents within your organization's control.

12. Privacy Policy

Your privacy is important to us. By using the Service, you agree to our collection and use of information as described in this section.

Information we collect:

• Account information: Name, email address, organization name, and payment information provided during registration.
• Device data: Hardware specifications, software inventory, IP addresses, and online/offline status of enrolled devices.
• Session data: Session start and end times, connected User, connected device, seat tier used, and session recording (for Advanced and Classified seats where recording is enabled).
• Audit logs: Records of all user actions, login events, session events, and administrative changes.
• Usage data: Feature usage statistics and platform performance data.

How we use your information:

• To provide, operate, and maintain the Service.
• To authenticate users and enforce seat and access controls.
• To bill for subscriptions and manage your account.
• To send important service notifications and security alerts.
• To investigate security incidents and enforce these Terms.
• To improve the Service through aggregated, anonymized analytics.

Data sharing: BridgeThru does not sell your personal data. We may share data with: (a) payment processors for billing; (b) infrastructure providers hosting the Service; (c) law enforcement when legally required. We do not share your data with advertisers or marketing platforms.

Data residency: Customer data is stored on servers located in the United States. If you are subject to data residency requirements under applicable law, please contact us before subscribing.

Cookies: The Service uses cookies and similar technologies for authentication, session management, and security. We do not use tracking or advertising cookies.

For questions about data privacy, contact us at support@bridgethru.com.

13. Data Ownership and Retention

Your data: You retain ownership of all data you submit to the Service, including device data, session recordings, and user information. You grant BridgeThru a limited license to process your data solely to provide the Service.

Retention: Active account data is retained for the life of your subscription. Upon termination or cancellation:

• Your data will be retained for 30 days, during which you may export it.
• After 30 days, data will be permanently deleted from our systems.
• Audit logs may be retained for up to 12 months for compliance and security investigation purposes, after which they are deleted.

BridgeThru does not guarantee that your data can be exported after account termination. We strongly recommend maintaining your own backup copies of critical data.

14. Termination

Either party may terminate these Terms at any time:

• You may cancel your subscription at any time through the Settings page or by contacting support. Cancellation takes effect at the end of the current billing period.
• BridgeThru may suspend or terminate your account immediately and without notice if: (a) you violate these Terms; (b) we suspect fraudulent, abusive, or illegal activity; (c) your payment fails and is not corrected within 10 days; or (d) we are required to do so by law.
• BridgeThru may terminate the Service with 60 days' advance notice in the event we discontinue the platform.

Upon termination, your right to access the Service immediately ceases. Sections 7, 8, 9, 10, 13, 15, and 16 survive termination of these Terms.

15. Dispute Resolution and Arbitration

Please read this section carefully. It requires you to resolve disputes with BridgeThru through individual arbitration rather than through the court system.

Informal resolution: Before initiating arbitration, you agree to contact us at support@bridgethru.com and attempt in good faith to resolve the dispute informally for at least 30 days.

Binding arbitration: If informal resolution fails, any dispute, claim, or controversy arising out of or relating to these Terms or the Service shall be resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules. Arbitration shall be conducted in English and, unless otherwise agreed, shall be conducted through document submission or video conference.

No class actions: You agree that any arbitration shall be conducted solely on an individual basis and not as a class action, collective action, or representative action. You waive any right to participate in a class-wide arbitration or receive a class remedy.

Exceptions: Either party may seek injunctive or other equitable relief in a court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation, or violation of intellectual property rights, or for emergency relief pending arbitration.

16. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the United States. Any dispute not subject to arbitration under Section 15 shall be brought in the federal or state courts of competent jurisdiction. You consent to the personal jurisdiction of such courts.

If you are using the Service outside the United States, you are responsible for compliance with all local laws and regulations applicable to your use of the Service.

17. Changes to These Terms

BridgeThru reserves the right to modify these Terms at any time. We will provide notice of material changes by:

• Posting a notice on the Service at least 30 days before the effective date of the changes, or
• Sending an email to the address associated with your account.

Your continued use of the Service after the effective date of the modified Terms constitutes your acceptance of the changes. If you do not agree to the modified Terms, you must stop using the Service and cancel your subscription before the effective date.

18. Contact Information

For questions about these Terms, or to report a legal matter:

Recommendation: These Terms are provided for general protection and are not a substitute for advice from a licensed attorney. BridgeThru recommends having a qualified legal professional review these Terms before your commercial launch to ensure they comply with the laws of your jurisdiction and address any industry-specific requirements applicable to your business.