FerrVault
FeaturesPricingChangelogDocs
ENFR
Waitlist→
Draft — initial text, undergoing legal review. Clauses may change.

Legal document

Terms of service — FerrVault

Last updated: May 6, 2026

Last updated: 6 May 2026

  <p
    style="background: rgba(16, 185, 129, 0.06); border: 1px solid rgba(16, 185, 129, 0.25); border-radius: 10px; padding: 14px 18px; font-size: 13px;"
  >
    This English translation is provided for convenience. The
    <a href="/fr/terms/">French version</a> prevails in case of discrepancy.
  </p>

  <h2>1. Definitions</h2>
  <ul>
    <li>
      <strong>"FerrVault"</strong>: the encrypted secrets management service edited by Bryan
      Ferrando — Entrepreneur individuel (FerrLabs), SIREN 104 243 951, accessible at
      ferrvault.com.
    </li>
    <li>
      <strong>"Customer"</strong>: any natural person of legal age or legal entity having
      subscribed to a FerrVault Subscription.
    </li>
    <li>
      <strong>"Vault"</strong>: a logical container holding a set of Secrets, shared between
      authorized members of the Customer.
    </li>
    <li>
      <strong>"Secret"</strong>: any sensitive piece of data (API key, credential, token,
      certificate, application password) stored in a Vault, encrypted client-side before
      transmission.
    </li>
    <li>
      <strong>"Master password"</strong>: the secret known only to the Customer, from which the
      data encryption key (DEK) is derived. FerrLabs holds no copy of it.
    </li>
    <li>
      <strong>"Subscription"</strong>: the pricing plan (Free, Pro, Team or Enterprise)
      subscribed to by the Customer.
    </li>
  </ul>

  <h2>2. Acceptance</h2>
  <p>
    Use of the Service implies unreserved acceptance of these terms. The Customer acknowledges
    having read and accepted them prior to any subscription.
  </p>

  <h2>3. Service description</h2>
  <p>FerrVault provides:</p>
  <ul>
    <li>End-to-end encrypted Secrets storage</li>
    <li>Granular sharing of Secrets between organization members</li>
    <li>An append-only audit log recording Secret accesses (who, when, from where)</li>
    <li>
      Kubernetes integration through the FerrVault operator, syncing Secrets into native
      Kubernetes <code>Secret</code> resources
    </li>
    <li>A REST API and CLI to automate rotations and access</li>
  </ul>

  <h2>4. Pricing and subscription</h2>
  <p>
    Current pricing is published at
    <a href="https://ferrvault.com/pricing">ferrvault.com/pricing</a>. The Service is offered in
    four tiers:
  </p>
  <ul>
    <li><strong>Free</strong>: 5 users, 3 vaults, 100 secrets</li>
    <li>
      <strong>Pro / Team / Enterprise</strong>: increasing volumes of users, vaults, secrets,
      and advanced features (SSO, scheduled rotation, fine-grained access controls)
    </li>
  </ul>

  <h2>5. Payment</h2>
  <p>
    Payments are made through Stripe Inc. (United States, Data Privacy Framework certified), by
    credit card or SEPA direct debit. The Customer expressly authorizes monthly automatic debit.
    Each invoice is issued on the subscription anniversary date.
  </p>

  <h2>6. Term, renewal and termination</h2>
  <p>
    The Subscription is concluded without commitment, and is tacitly renewed each month on the
    anniversary date. The Customer can terminate at any time from their account area (termination
    takes effect at the end of the current billing period). No pro-rata refund.
  </p>
  <p>
    In accordance with the French law of 16 August 2022, termination is accessible by means at
    least as simple as subscription.
  </p>

  <h2>7. Right of withdrawal (consumers only)</h2>
  <p>
    In accordance with article L.221-18 of the French Consumer Code, a Customer who is a consumer
    has a 14-day period to exercise their right of withdrawal.
    <strong
      >The Customer expressly waives this right by requesting immediate execution of the
      Service</strong
    >
    upon subscription. This waiver is materialized by the checkbox at payment time.
  </p>

  <h2>8. Customer obligations</h2>
  <p>The Customer warrants that the Secrets stored:</p>
  <ul>
    <li>Belong to them or that they hold a legitimate right to possess them</li>
    <li>
      Do not contain third-party personal data without an appropriate legal basis under the GDPR
    </li>
    <li>Are not used for illegal purposes under French law</li>
    <li>
      Do not include cryptographic material subject to export restrictions for which the Customer
      lacks the required authorizations
    </li>
  </ul>
  <p>
    The Customer is solely responsible for the choice, quality and rotation of their Secrets, the
    proper management of access permissions within their organization, and the secure custody of
    their Master password.
  </p>

  <h2>9. Backup and unrecoverability</h2>
  <p>The Customer understands and accepts that:</p>
  <ul>
    <li>
      Secrets stored in FerrVault are encrypted client-side with a key derived from the
      Customer's master password.
      <strong>FerrLabs holds no copy of this password and cannot technically decrypt the secrets.</strong>
    </li>
    <li>
      In case of loss of the master password, <strong>secrets are permanently unrecoverable</strong>.
      The Customer is solely responsible for the safekeeping of their password and recovery codes.
    </li>
    <li>
      FerrLabs recommends that the Customer periodically export their secrets (decrypted
      client-side) for independent backup purposes.
    </li>
    <li>
      In case of secret deletion, encrypted backups are purged within 30 days. Beyond that, the
      data is unrecoverable.
    </li>
    <li>
      Security probes (audit log) trace metadata accesses to secrets (who, when, from where) —
      not their content, which remains unreadable server-side.
    </li>
  </ul>

  <h2>10. Anti-abuse policy</h2>
  <p>
    FerrVault is designed for the storage of professional secrets (API keys, credentials, tokens,
    certificates). The Customer undertakes not to use it to store third-party personal data
    without a legal basis, illegal content, or to circumvent legal restrictions (arms export,
    international sanctions, etc.).
  </p>

  <h2>11. Suspension and termination for cause</h2>
  <p>FerrLabs may suspend or terminate the Subscription, without notice or refund, in case of:</p>
  <ul>
    <li>Use manifestly contrary to the Anti-abuse policy</li>
    <li>Payment default of more than 15 days</li>
    <li>Serious breach of these terms</li>
    <li>Attempted attack on the infrastructure (abuse, brute-force, fraud)</li>
  </ul>

  <h2>12. Personal data</h2>
  <p>
    The Customer's data is processed in accordance with the privacy policy published at
    <a href="/privacy/">ferrvault.com/privacy</a>. FerrLabs is the data controller for the
    Customer account data and Vault metadata. Since Secret content is encrypted client-side,
    FerrLabs has no technical capacity to process it in clear text.
  </p>
  <p>
    When the Customer stores personal data subject to the GDPR within their Vaults, the Customer
    is the data controller and FerrLabs is the processor within the meaning of GDPR art. 28; a
    Data Processing Addendum (DPA) is available on request.
  </p>

  <h2>13. Intellectual property</h2>
  <ul>
    <li>
      The FerrVault source code, the "FerrLabs" and "FerrVault" trademarks, the Kubernetes
      operator and all associated graphical elements remain the exclusive property of Bryan
      Ferrando — Entrepreneur individuel.
    </li>
    <li>
      Stored Secrets remain the exclusive property of the Customer. The Customer grants FerrLabs
      a strictly technical, non-exclusive, worldwide, royalty-free license, limited to the
      storage, encrypted replication and delivery of the encrypted content for the purposes of
      the Service. FerrLabs has no usage right over the plaintext content, which it cannot
      technically obtain.
    </li>
  </ul>

  <h2>14. Limitation of liability</h2>
  <p>
    FerrLabs is bound by an obligation of means. FerrLabs's liability is limited to direct
    foreseeable damages and shall not exceed, in any event, the amounts paid by the Customer over
    the past 12 months. FerrLabs is not liable for indirect damages (loss of revenue, loss of
    Secrets resulting from the Customer's loss of their Master password, reputational harm).
  </p>
  <p>
    FerrLabs is not liable in case of force majeure (infrastructure subcontractor outage, DDoS
    attack, network unavailability).
  </p>

  <h2>15. Modification of terms</h2>
  <p>
    FerrLabs reserves the right to modify these terms. Any modification is notified to the
    Customer by email at least 30 days before its entry into force. Failing express opposition by
    termination within this period, the new terms are deemed accepted.
  </p>

  <h2>16. Applicable law and jurisdiction</h2>
  <p>
    These terms are governed by French law. For any dispute with a professional Customer,
    exclusive jurisdiction of the courts of Lille.
  </p>
  <p>
    For any dispute with a consumer Customer, in accordance with article L.612-1 of the French
    Consumer Code, the Customer may have free recourse to a consumer mediator. Designated
    mediator: <span class="placeholder">[À COMPLÉTER]</span>.
  </p>

  <h2>17. Final provisions</h2>
  <p>
    The possible nullity of a stipulation does not entail the nullity of the whole. FerrLabs's
    failure to exercise a right cannot be interpreted as a waiver.
  </p>
FerrVault

Secrets management for product teams. EU-hosted, audited.

← Back to ferrlabs.com
Products
  • FerrVault
  • FerrFlow
  • FerrTrack
  • FerrGrowth
  • FerrFleet
  • FerrLens
Resources
  • Changelog
  • Docs
  • RSS
  • GitHub
Legal
  • Legal notice
  • Privacy
  • Terms
  • Cookies
  • DPA
  • Subprocessors
  • Security
© 2026 FerrLabs. FerrVault is a FerrLabs product.Set in Fraunces · Hand-built in Lille, FR