TypingDNA Authentication API
Standard Service Terms
The TypingDNA Authentication API Standard Service Terms is a Software-as-a-Service agreement between TypingDNA,
henceforth called the Company,
and You, the user of the typing biometrics authentication services, in the Starter Tier or Pro Tier, henceforth called the Customer,
(each called a “party” and together, the “parties”).
BY CLICKING ON THE “I AGREE” BUTTON, REGISTERING TO USE THE SERVICE, OR USING THE SERVICE, (1) YOU
ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY THESE TERMS, AND (2) YOU REPRESENT THAT
YOU HAVE THE AUTHORITY TO ENTER INTO THESE TERMS, PERSONALLY AND ON BEHALF OF THE COMPANY YOU HAVE NAMED AS
THE CUSTOMER, AND TO BIND THAT COMPANY TO THESE TERMS. IF YOU DO NOT AGREE TO THESE TERMS, OR IF YOU DO NOT
HAVE SUCH AUTHORITY, YOU SHOULD NOT USE THE SERVICE.
For commercial reasons, the Company has decided to remove the Developer and Free Tier subscriptions starting with the version no. 5 of this Agreement.
The existing Developer and Free Tier Customers shall not be affected in any way by this change and the provisions of this Agreement shall be also applicable to them.
1.1. Affiliate: any company or other entity, which directly or indirectly controls, is controlled by
or is under joint control with a party of this agreement. For this purpose, a party is deemed to
control a company or entity if it (a) owns, directly or indirectly, at least 50 percent of the
capital of the other company, or (b) in the absence of such ownership interest, substantially has the power
to direct or cause the direction of the management and set the policies of such company or entity.
1.2. Agreement: these Standard Service Terms and any other TypingDNA document/material incorporated
1.3. API Request: a digital call addressed to the Service made by the Customer’s servers to the
Company’s servers for the purpose of: i) matching two or more typing patterns, ii) saving a typing pattern
in the database of the Service, iii) verifying a new typing pattern against previously saved records, iv)
checking the status of saved users, and v) deleting saved users. The API Request is the most granular
digital call offered by the Service.
1.4. Authentication Requests: are the API Requests to facilitate matching or verifying typing
1.5. Claim: any claim, suit, action, proceeding, losses, liabilities, damages, settlements as per
art. 8.1 below.
1.6. Confidential Information: information that may be disclosed or made available by the Disclosing
Party to the Receiving Party, including, but not limited to: technical and business information relating to
proprietary ideas, patentable ideas and/or trade secrets, existing and/or contemplated products and
services, research and development, production, costs, profit and margin information, finances and financial
projections, customers, clients, potential clients, marketing strategies, and current or future business
plans and models, regardless of whether such information is designated as “Confidential Information” at the
time of its disclosure.
1.7. Company’s Website: https://www.typingdna.com/
1.8. Disclosing Party: the party or its Affiliates who discloses any Confidential
1.9. End-Users: a natural person whose typing patterns may be compared through the Service and whose
identity may otherwise be authenticated through your systems. One Typing Pattern belongs to one
1.10. Pro Tier: the paid subscription service - payment per user, or any other paid subscription services, unless agreed otherwise by the Company.
1.11. Personal Data: any information describing or relating to an identified or identifiable
individual (where an identifiable individual is an individual who can be identified, directly or indirectly,
in particular by reference to an identifier such as a name, an identification number, location data, an
online identifier or to one or more factors specific to the physical, physiological, genetic, mental,
economic, cultural or social identity of that individual).
1.12. Receiving Party: the party or its Affiliates who receives or otherwise obtains any Confidential
1.13. Service: the online service developed and provided by the Company, in the form of an API,
for the purpose of assisting in personal authentication using typing biometrics technologies
(also called Keystroke Dynamics Authentication).
This Agreement covers the Service offered in the Starter Tier, Pro Tier, or any other paid subscription services unless otherwise agreed by the Company,
and the Service offered to the existing Customers using Developer or Free Tier.
Other agreements may be necessary for other Company offerings.
1.14. Starter Tier: the free subscription service, provided by the Company.
1.15. TypingDNA: means (i) TypingDNA Inc. a US, Delaware company, headquartered in 77 Sands Street, Brooklyn, NY, 11201,
or (ii) TypingDNA S.R.L. with its registered office in Romania, 2E Santului Str., Oradea, 1st floor, EUID ROONRC. J05/1153/2016,
fiscal identification code RO 36172414, as per Section 13 - Contracting party and Specific Legislation.
1.16. Typing Pattern: behavioral patterns and data that can be related to typing, touch and pointer input
(including, but not limited to, speed of typing, the pressure applied, intervals between keystrokes, telemetry information,
typing rhythms, device movement and positioning data, mouse, touch and swipe data, etc).
2. Terms of Service
2.1. By using the Service, the Customer agrees to be bound by the latest version of the Standard Service
Terms, all applicable laws and regulations, and agrees to be responsible for compliance with any applicable
local laws or regulations. If the Customer does not agree with any of these terms, the Customer is
prohibited from using or accessing the Service.
2.2. The Company collects, stores and further processes personal data as a result of, or in the course of,
which regulates how we process personal data. Continuing use of the TypingDNA products and/or services shall
If the Company makes any material changes, the Company will notify the Customer by email (sent to the email
address specified in Customer’s account) or by means of a notice on the Company’s Website prior to the
change becoming effective. Continuing use of any TypingDNA products and/or services shall be considered as
2.3. The Company may update, revise or amend this Agreement and/or any other policies, terms or conditions
applicable to the use of the Website and/or our Service, at any time. The Company will notify the Customer
of any material changes to this Agreement by posting a notice on the Company’s Website and shall take effect
immediately when posted. Continuing use of the Website, or any TypingDNA Service signifies the Customer’s
agreement to be bound by the current version of such Agreement. The Customer is exclusively responsible and
liable for keeping up to date of the latest applicable version of these documents. If the Customer does not
agree with this Agreement, then the Customer should immediately stop using the Service.
2.4. The Company licenses a non-exclusive, non-transferable, non-sublicensable right of use of its Service
to the Customer, conditioned by the compliance with this Agreement.
2.5. The Customer will use the Service only for its own purpose and refrain from reselling, distributing,
renting or leasing the Service to third parties. A separate agreement to be executed between the parties is
required for Customer to use the Service in connection with third parties, such as its customers.
2.6. The Service should be used as a second-factor authentication and the Company does not recommend using
it as a single factor authentication. The Company does not guarantee perfect correctness or accurate
authentication or verification of any End User -- no biometrics-system can ever provide that. Using
different devices, keyboards or health conditions (such as: a broken arm or any action that is substantially
different than normal) can affect the accuracy of the Service.
2.7. The Customer is responsible to obtain the consent to record, store and process typing biometrics data
from its End-Users, in accordance with the applicable laws and regulations regarding Personal Data, as
necessary for Company and its Affiliates to provide the Service.
2.8. The Customer shall not send/transfer/disclose to the Company any sensitive personal information (like
passwords, OTP secret keys, user ID) of its End-Users. If it is necessary for Customer to
share/disclose/transfer such personal information to the Company, it shall always be de-personalised,
anonymised and/or otherwise encrypted (or hashed) so as to no longer constitute Personal Data within the
meaning of the General Data Protection Regulation 2016/679 or any other legislation regarding personal data
before disclosure/transfer to the Company.
2.9. If Customer is unable to comply with such pre-disclosure encryption / de-personalisation /
anonymisation / hashing requirement and sends the Company personal data of its End-Users, the Customer is
exclusively responsible to inform about, and to obtain the consent to record, store and process typing
biometrics data from its End-Users, in accordance with the applicable laws. The Customer hereby undertakes
to procure that such End-User consent extends also to the Company and its Affiliates, to allow the latter to
record, store and process this information on behalf of the Customer. The relationship between Customer, on
one hand, and Company on the other hand, in relation to such data processing will be governed by the Data
Processing Addendum available at https://www.typingdna.com/legal/TypingDNA_DataProcessing_Addendum.pdf,
which shall become an integral part of this Agreement.
2.10. The Company reserves the right to delete any End-User data: (i) not legally obtained, or (ii) obtained
without the End-Users consent, or (iii) legally obtained with the End-User's consent, but on the explicit
request from the End-User, after an identification process.
2.11. The Company reserves the right to use the Typing Patterns collected or processed by the Customer, to
improve its services and products, or create new services and products.
2.12. The Customer will not try to (or permit any of its employees or contractors to) copy or
reverse-engineer the typing biometrics technology offered by the Company or otherwise use or reference the
Service to develop or have developed a similar technology, expect to the extent (and only to the extent)
such reverse-engineering or other activity cannot be restricted under applicable laws.
2.13. The Customer agrees not to create multiple Starter accounts.
2.14. The Customer will not interfere with or disrupt the integrity or performance of the Service or attempt
to gain unauthorized access to the Service.
2.15. The Customer must notify the Company of any defect of the Service immediately after its detection.
The Company will use commercially reasonable efforts to repair the defect within a reasonable period.
2.16. The intellectual property over the know-how, the software and design that runs the Service (source
code and binaries) belongs exclusively to the Company. All modifications that may be made to it as a result
of the cooperation between the parties, even suggestions of improvements made by the Customer, which may be
developed by the Company (at the Company’s option) and will belong to the Company. The Customer will have no
ownership, not even partial, over the intellectual property in or to the Service, including the algorithms,
software and systems of the Service.
2.17. The Company manages and maintains all the servers, including proprietary or third-party software. No
direct access to the infrastructure or software is provided to the Customer.
2.18. The Company is entitled to carry out maintenance work that can disrupt the Service.
The planned maintenance work may be notified in advance by email (sent to the email address specified in
Customer’s account) or by means of a notice on the Company’s Website.
3.1. The Customer shall pay the Company for the use of the Service a monthly remuneration as per the tier and
usage plan subscribed to, and all amounts paid are non-refundable except as otherwise provided in this
Agreement or required by law. The payment shall be made through a payment platform chosen by the Company and
the Customer shall be charged each calendar month on or about the 1st day of the following calendar month.
Company may change pricing, tiers, and usage plans by publishing the change on its website; however, if
Customer has an active Pro Tier Service subscription in effect, the change will not apply until that current
subscription period expires or is terminated.
3.2. For invoicing purposes, the Customer shall also provide the VAT ID (if applicable) or other tax
identification as and if requested.
3.3. The Customer shall pay all invoices issued by the Company within thirty (30) days of the date of the
invoice. For payments delayed more than 5 business days, the Company will charge an additional 0.5% per
delayed business day. Failure to pay an invoice for more than 10 (ten) business days can lead to Service
discontinuation and immediate termination of the Agreement.
3.4. In case the Customer requests to change its current Pro Tier subscription with another Pro Tier
subscription or with the Starter Tier subscription, the then-current Pro Tier subscription shall
be changed only after its usage calculation and after the Customer shall be invoiced accordingly,
in case its usage exceeds its subscription.
3.5. If the Customer participates in the Pro Trial Tier, it will be automatically converted to Pro Tier
subscribers at the end of the trial period, and become subject to that Tier’s terms, if they a) make a plan
selection and b) provide billing details before trial expiration. The Customer may elect to be converted to
the free Developer Tier at trial expiration by taking no action.
4. Service Commitment & Availability
4.1. THE SERVICE IS PROVIDED AS-IS AND WITHOUT WARRANTY OF ANY KIND; TO THE EXTENT PERMITTED BY LAW, COMPANY
DISCLAIMS ALL WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR AN INTENDED PURPOSE,
INTEGRATION, AVAILABILITY, NON-INFRINGEMENT, AND PERFECT SECURITY OR ACCURACY. However, the Company will use
commercially reasonable efforts to make the Service available 99% of the time during each monthly billing cycle,
with the mention that Company will not be liable for the consequences of any interruptions or errors.
4.2. The Customer understands that a service of such volumes cannot guarantee response times. The Customer
understands that the Service will aim to always provide a response to all API Requests even if some
responses are slower during peak times.
4.3. Any anticipated increase in the volume of API Requests, that increase the amount of daily API Requests
with at least 300,000 API Requests per day, compared to the average number of API Requests in the previous
30 days, must be immediately notified by the Customer, so that the Company allocates the necessary hardware
4.4. The Company reserves the right to clean or archive the database of the Service of inactive saved
End-Users, or inactive Customers. An inactive saved End-User is an End-User for which no related API Request
has been made to verify their typing biometrics for more than 12 months. An inactive Customer is a Customer
that did not make an API Request for more than 12 months.
4.5. The Service commitment does not apply to any unavailability, suspension or termination of Agreement, or
any other performance issues:
- that result from a suspension / termination of this Agreement;
- planned maintenance work on the Service, notified 24 hours in advance;
- caused by factors outside Company’s reasonable control, including any force majeure event, host
provider’s service, or related problems beyond Company’s demarcation point;
- that result from any Customer’s actions or inactions or any related third party;
- that result from Customer’s equipment, software or other technology and/or third-party equipment,
software or other technology (other than Customer’s infrastructure under Company’s direct control).
5. Customer Support
5.1. The Customer may request technical support, by using the channels provided on the Company’s Website or
by emailing firstname.lastname@example.org.
5.2. The Company does not guarantee any specific response time for technical support. The Company may limit
or deny Customer access to support if it determines, in Company’s reasonable discretion, that the Customer
is acting, or has acted, in a way that results or has resulted in misuse of support or abuse of Company’s
6.1. The Customer grants to the Company the right to use the Customer’s name and logo on marketing materials
(including, but not limited to the Company’s Website and presentations). To object to this use, the Customer
can send an email to email@example.com.
7.1. The Receiving Party shall keep the Confidential Information in strict confidence and shall not use or
disclose any of the Confidential Information to any third party in any manner whatsoever other than to
perform its obligations or exercise its rights under this Agreement; provided, however, that the Receiving
Party may make a disclosure of information contained in the Confidential Information to which the Disclosing
Party gives its prior written consent; Company may engage subcontractors and disclose information to them to
facilitate the provision of the Service.
7.2. This Agreement imposes no obligation upon the parties with respect to any Confidential Information (a) that was rightfully possessed before receipt; (b)
is or becomes a matter of public knowledge through no fault of the Receiving Party; (c) is rightfully received from a third party not owing a duty of
confidentiality; (d) is disclosed without a duty of confidentiality to a third party by, or with the authorization of the Disclosing
Party; or (e) is independently developed by the other party.
8.1. The Customer will indemnify, defend and hold the Company and its Affiliates and successors (and the
officers, directors, employees, agents, service providers, licensors) harmless, at Customer’s expense,
against any claim, suit, action, proceeding losses, liabilities, damages, settlements which may arise out of
or relate to: (a) unauthorized or illegal use of the Service by the Customer, (b) Customer’s noncompliance
with or breach of this Agreement, (c) the unauthorized use of the Service by any other person using the
Customer’s End User or other information, (d) the unauthorized disclosure or use of the Personal Data, or
(e) reliance on the accuracy of the Service, including the usage of the Service by the Customer as a sole
8.2. The Company will notify the Customer in writing within thirty (30) days of its becoming aware of any such Claim.
The Company may give the Customer sole control of the defense or settlement of such a Claim; and may provide to the Customer
(at his/her/its expense) with any and all information and assistance reasonably requested by to handle the defense or settlement of the Claim.
The Customer shall not accept any settlement that (i) imposes an obligation on the Company; (ii) requires the Company to make an admission;
or (iii) imposes liability not covered by these indemnifications or places restrictions on the Company without its prior written consent.
8.3. The obligations of the Agreement shall extend to all entities that constitute “Customer,”
including all Affiliates, even though each such entity is not specifically named as a party to this Agreement.
As such, Customer and its successors and assigns will be and remain liable for all of the obligations of all entities that constitute
“Customer” under the Agreement, including all Affiliates, and the Company will look to Customer and its successors and assigns for enforcement of
Company’s rights under the Agreement.
9. Force majeure
9.1. The force majeure protects against liability to the extent and for the period that the party is prevented, hindered, or delayed to fulfil its
obligation because of the force majeure event. The party that invokes the force major will communicate in writing, to the other party, the proof
of the force major event, in maximum 5 days from its appearance. The same procedure of notification will apply in case of cessation of the force
majeure event. If due to the force majeure event one of the parties is hindered to fulfil, totally or partially, its contractual obligations for
a period longer than 30 (thirty) days, then the other party will have the right, to cancel the Agreement, through a written notification sent to
the other party.
10. Term & Termination
10.1. The term of this Agreement is one (1) year from the date the Customer agrees with the terms of this Agreement
and shall renew automatically with one (1) year periods, unless either party provides the other party with a written notice,
at least sixty (60) days prior to the end of the then-current term, of its intent to not renew.
Both parties may terminate the Agreement as follows:
- For Customers in the Starter Tier, the Agreement may be terminated anytime without any notice,
provided that the termination shall be effective on the next billing cycle.
- For Customers having Pro Tier subscription, the Agreement may be terminated through the payment platform used
by the Company and shall be effective from the next billing cycle. The Customer shall be charged for all unpaid
fees (if any) and it shall not be able to delete its account in case of any unpaid invoices. Any deletion shall
be possible only after the Customer has paid the amounts invoiced by the Company.
10.2. The Company may terminate the Agreement with a 30 days’ notice sent by email to the Customer.
10.3. Notwithstanding the above, the Company may automatically suspend and cease providing Service without
any notification in the event that the Customer violates, or is suspected of violating, this Agreement.
10.4. The Company may also terminate the agreement without giving notice for any breaches of the
10.5. Upon termination the Customer is prohibited from using the Service.
11. Limitations of Liability
11.1. IN NO EVENT SHALL THE COMPANY OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL OR
CONSEQUENTIAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF DATA, PRODUCTIVITY, OPPORTUNITY OR
PROFIT, OR DUE TO BUSINESS INTERRUPTION), UNDER ANY LEGAL THEORY OR CLAIM EVEN IF ADVISED OF THE POSSIBILITY
THEREOF, INCLUDING WITHOUT LIMITATION LIABILITY ARISING OUT OF BREACH OF CONTRACT, TORT, OR THE USE,
INABILITY TO USE, POOR PERFORMANCE, OR DEFECTS OF THE SERVICE.
11.2. The Company is not liable for any use of the Service by the Customer or End-Users in violation of any laws and regulations,
including the European Union or U.S. laws, the Customer’s local laws or regulations, or the End-Users local laws or regulations.
11.3. In any case, the Company is not liable, per claim or in the aggregate, for an amount greater than it
was paid by the Customer during the last 12 months.
11.4. The Customer’s liability will not be an amount greater than the amount paid already to the Company, except for liability
relating to Company’s intellectual property or breaching the following articles of this Agreement:
2.5, 2.7, 2.8, 2.12, 2.13, 2.14, 3, 7, or 8
12.1. If any provision of this Agreement shall be held or made invalid or unenforceable for any reason, such
invalidity shall not affect the remainder of this Agreement, and the invalid or unenforceable provisions
shall be replaced by a mutually acceptable provision, which being valid, legal and enforceable comes closest
to the original intentions of the parties hereto and has like economic effect.
13. Contracting Party and Specific Legislation
13.1. Customer’s address determines which TypingDNA entity is the contracting party and invoicing the
13.2. If the Customer is domiciled in the European Economic Area (EEA), then the Customer is contracting
with TypingDNA SRL and this Agreement shall be governed by the laws of Romania. For contracts with TypingDNA
SRL, both parties’ consent to the exclusive jurisdiction and venue of the courts in Bucharest, Romania, for
all disputes arising out of or relating to this Agreement or the use of the Service. Provided however, if
the Customer is domiciled outside the EEA, the Customer is contracting with TypingDNA Inc. and this
Agreement shall be governed by the laws of the State of New York and the United States of America without
reference to conflict of law principles. For contracts with TypingDNA Inc., both parties’ consent to the
exclusive jurisdiction and venue of the courts in New York, United States of America, for all disputes
arising out of or relating to this Agreement or the use of the Service.
Last modified October 2022
Document version 7