Terms of Service

Last updated: 10 May 2026

1. Definitions

"Company", "we", "us", or "our" means Treehouse in Valhalla Ltd, a company registered in England and Wales (Company No. 15770209), trading as deny.sh.

"Service" means the deny.sh website, API, CLI tool, SDKs, browser tools, vault, dead man's switch, steganography tools, Shamir secret sharing, inheritance features, and all related documentation.

"User", "you", or "your" means any individual or entity that accesses or uses the Service.

"Content" means any data, messages, files, encryption keys, control data, or other material you submit to or process through the Service.

"API Key" means the unique authentication credential issued to you upon registration.

"Browser Tools" means the client-side encryption tools available at deny.sh that run entirely in your browser.

2. Acceptance of terms

By accessing or using the Service, you agree to be bound by these terms. If you do not agree, do not use the Service. If you are using the Service on behalf of an organisation, you represent that you have authority to bind that organisation to these terms.

3. Eligibility

You must be at least 16 years old and have the legal capacity to enter into a binding agreement. By using the Service, you represent and warrant that you meet these requirements.

4. Service description

deny.sh provides deniable encryption software and services, including:

• Deniable encryption API: encrypt, decrypt, and create decoy messages via REST API
• Browser tools: client-side encryption, steganography, Shamir secret sharing, and seed phrase protection (client-side only, nothing leaves your browser)
• Vault: encrypted storage for control files and sensitive data
• Dead man's switch: automated release of encrypted data to designated recipients if you stop checking in
• Inheritance: structured transfer of encrypted data to beneficiaries
• SDKs and CLI: libraries for TypeScript, Python, Go, and Rust

We may add, modify, or discontinue features at any time. We will give reasonable notice for material changes that affect paying customers.

5. Account registration and security

To use the API, you must register with a valid email address. You will receive an API key upon registration. You are responsible for:

• Keeping your API key confidential and secure
• All activity that occurs under your API key
• Notifying us immediately at hello@deny.sh if you believe your key has been compromised

We may suspend or revoke API keys that are used in violation of these terms or that show signs of compromise. One API key per email address.

6. Acceptable use

You may use the Service for any lawful purpose. You must not:

• Use the Service to facilitate, conceal, or further any illegal activity
• Attempt to compromise, overload, disrupt, or reverse-engineer the Service infrastructure
• Conduct automated scanning, scraping, or denial-of-service attacks against the Service
• Resell, sublicense, or redistribute API access without a commercial license from us
• Misrepresent your use of the Service, including claiming our encryption implementation as your own without proper licensing
• Use the Service to store, transmit, or process child sexual abuse material or content that exploits minors
• Use the Service to harass, threaten, or stalk any person
• Circumvent or attempt to circumvent usage limits, rate limiting, or access controls
• Share your API key with third parties or use a single key across multiple unrelated applications without a commercial license
• Interfere with the Service's operation or other users' access to the Service

We reserve the right to suspend or terminate access for any user who violates this policy, with or without notice depending on severity.

7. Intellectual property

Open-source code

The deny.sh SDK and core cryptographic primitive (TypeScript, Rust, Go, Python implementations at github.com/deny-sh-crypto) are licensed under the Apache License 2.0. The application layer (vault, dead-man's switch, inheritance dispatcher, MCP server orchestration, hosted-API server source code, browser-tool source, and website source code) is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0). You may use, modify, and distribute the source code of each component in accordance with its applicable licence. AGPL section 13 attaches to modified application-layer code offered as a network service.

Commercial licensing

The SDK is Apache-licensed and does not require a commercial licence for proprietary or closed-source use. If you want to self-host the application-layer code (vault, dispatcher, MCP orchestration, hosted-API server) in a proprietary product without the AGPL copyleft obligation, you need a commercial licence; see /licensing or contact hello@deny.sh for licensing terms.

Trademarks

"deny.sh", the deny.sh logo, and associated branding are trademarks of Treehouse in Valhalla Ltd. You may not use our trademarks in a way that suggests endorsement, affiliation, or sponsorship without our written consent. Fair use for descriptive or referential purposes is fine.

8. Payment terms

Free tier

The free tier provides 500 API calls per month at no cost. No payment method required.

Paid plans

Paid subscriptions (Dev at $99/month, Pro at $199/month) are billed monthly via Stripe. By subscribing, you authorise recurring monthly charges to your payment method.

Auto-renewal and cancellation

Subscriptions auto-renew at the start of each billing cycle. You can cancel at any time through the Stripe customer portal. Cancellation takes effect at the end of the current billing period; you retain access until then.

Refunds

We do not provide partial refunds for unused portions of a billing period. If you cancel mid-month, you keep access for the remainder of that month but will not be charged again.

Price changes

We may change pricing with 30 days' notice. Existing subscribers will be notified by email before any price change takes effect.

9. API usage limits and fair use

Each tier has defined monthly API call limits. If you exceed your limit, further requests will return a 429 error until the next billing cycle. We may also impose rate limiting on a per-second or per-minute basis to protect service stability.

Fair use applies to all tiers. Automated traffic patterns designed to exhaust limits, abuse free-tier quotas across multiple accounts, or degrade service for other users may result in throttling or suspension.

10. Service availability

We use reasonable efforts to keep the Service available, but we do not guarantee uninterrupted or error-free operation. The Service is provided on an "as available" basis. We may perform maintenance, updates, or changes that temporarily affect availability. We will try to give advance notice for planned downtime where practical.

11. Data and encryption disclaimer

This is important. Read it carefully.

deny.sh is a client-side-only service for browser tools and a minimal-data service for API operations. This means:

• We do not have access to your encryption passwords, plaintext messages, or control files
• We cannot recover your data if you lose your passwords or control data
• You are solely responsible for backing up your encryption keys, passwords, control data, and any data stored in the vault
• If you lose access to your credentials, your encrypted data is permanently irrecoverable, by you or by us

Cryptographic software is complex. You are responsible for evaluating whether the Service meets your security requirements. We make no representations about the suitability of the Service for any particular purpose, including the protection of high-value assets.

12. Dead man's switch terms

The dead man's switch feature delivers encrypted data to designated recipients if you fail to check in within your configured schedule. You should understand that:

• Delivery is best-effort. We use third-party email services (Resend) to deliver notifications. We cannot guarantee email delivery, as it depends on recipient email providers, spam filters, and network conditions.
• The switch triggers based on check-in deadlines plus grace periods. If you are unable to check in due to circumstances beyond your control (illness, loss of internet, etc.), the switch may trigger as designed.
• It is your responsibility to configure appropriate check-in intervals and grace periods.
• We strongly recommend informing your intended recipients about the switch and providing them with any passwords or instructions they will need.
• This feature is not a substitute for professional estate planning, legal instruments, or fiduciary arrangements.

13. Limitation of liability

To the maximum extent permitted by applicable law:

• The Service is provided "as is" and "as available" without warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
• We are not liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, use, or goodwill, arising from your use of or inability to use the Service.

13.1 Self-serve liability cap (Free, Dev, and Pro plans)

For Customers on the Free, Dev, or Pro plan, our total aggregate liability for any claims arising from or related to these terms or the Service is limited to the greater of (a) the amount you paid us in the 12 months preceding the claim, or (b) £100.

13.2 Business and Enterprise liability cap

For Customers on a paid Business or Enterprise plan, our total aggregate liability for any claims arising from or related to these terms or the Service is limited to the amount the Customer paid us in the 12 months preceding the claim, with a minimum of £100. Where the Customer has executed a separate written Master Services Agreement Addendum with us, the liability terms set out in that Addendum apply in place of this section 13.2 and may include an elevated cap for specified breach categories. The standard form of that Addendum is available on request to hello@deny.sh.

13.3 Excluded liability

Nothing in these terms excludes or limits our liability for death or personal injury caused by our negligence, fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited under English law.

14. Indemnification

You agree to indemnify, defend, and hold harmless Treehouse in Valhalla Ltd, its directors, employees, and agents from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from:

• Your use of the Service
• Your violation of these terms
• Your violation of any applicable law or regulation
• Any Content you submit, store, or process through the Service
• Any third-party claims related to your use of the encryption features

15. Export controls

deny.sh provides encryption software that may be subject to export control laws and regulations, including those of the United Kingdom, the European Union, and the United States. You are responsible for complying with all applicable export laws. You represent that you are not located in, or a resident of, any country subject to comprehensive sanctions, and that you are not on any restricted party list.

16. Termination

By you

You may stop using the Service at any time. To close your account and delete your data, email hello@deny.sh. If you have a paid subscription, cancel it via the Stripe customer portal before requesting account deletion.

By us

We may suspend or terminate your access to the Service at any time if you breach these terms, if required by law, or if we discontinue the Service. For paying customers, we will provide reasonable notice except where immediate action is required (e.g. abuse, security threats, legal compliance).

Effect of termination

Upon termination, your right to use the Service ceases immediately. We may delete your account data, vault contents, and dead man's switch configurations. Sections that by their nature should survive termination (including limitation of liability, indemnification, and governing law) will survive.

17. Dispute resolution

If you have a dispute with us, contact hello@deny.sh first. We will attempt to resolve the matter informally within 30 days.

If informal resolution fails, the dispute shall be subject to the exclusive jurisdiction of the courts of England and Wales. These terms are governed by and construed in accordance with the laws of England and Wales.

18. Severability

If any provision of these terms is found to be unenforceable or invalid by a court of competent jurisdiction, that provision will be enforced to the maximum extent permissible, and the remaining provisions will remain in full force and effect.

19. Entire agreement

These terms, together with our Privacy Policy, constitute the entire agreement between you and us regarding the Service. They supersede all prior agreements, representations, and understandings.

20. Changes to these terms

We may update these terms from time to time. For material changes, we will provide at least 30 days' notice by posting the updated terms on this page and, where possible, notifying registered users by email. Non-material changes (typos, clarifications) may be made without notice.

Continued use of the Service after changes take effect constitutes acceptance of the revised terms. If you do not agree with changes, you should stop using the Service.

21. Contact

Treehouse in Valhalla Ltd
Company No. 15770209
Registered in England and Wales

Email: hello@deny.sh