Terms of Service

Terms of Service

Data Processing and Retention Policy

Quality Management Policy

Information Security and Privacy Management Policy


Privacy Policy

Cookies Policy

Legal Notice

Generative AI Disclosure

Security & Privacy

Generative AI Acknowledgement

Terms of Service

The following general Terms of Service (“Terms”) represent the binding agreement, along with any other agreements that are referenced under these Terms, between the Client and Inbenta.

These Terms, when combined with the terms of any associated Sales Order Forms, Proof of Concept, Implementation, Subscription, or other agreements (“Referenced Agreement(s)”), govern the Client’s use of the Inbenta Software and Subscription. By signing any Referenced Agreements, the Client is automatically bound by the terms of both the Referenced Agreement and these Terms.

The Inbenta General Terms of Service are always updated at General Terms of Service – Inbenta. Inbenta will make all reasonable efforts to keep the Client informed of updated versions of these Terms. Without prejudice, the Client undertakes to regularly access the Inbenta website.

1.1. Acceptable Use Policy

The Client undertakes to fully comply with the following Acceptable Use Policy:

This Acceptable Use Policy (hereinafter this “Policy”) applies to users accessing Inbenta Software as a Service, Information Assets and Information Systems (the “Services”).

The purpose of this document is to define clear rules for using the Services provided or arranged by Inbenta.

Inbenta may modify this Policy at any time by posting a revised version on its website. Inbenta will make all reasonable efforts to keep the Client informed of updated versions of this Policy. Without prejudice, the Client undertakes to regularly access the Inbenta website. By using the Services, the Client agrees to the latest version of this Policy. If the Client fails to fulfill the terms of this Policy, or authorizes or helps others to do so, Inbenta may suspend or terminate the Client’s use of the Services.

1.1.1. Definitions

The Services: Inbenta Software as a Service (SaaS), Information Assets and Information Systems.

The Software: They include the computer programs and the documentation owned by Inbenta that is being licensed to the Client, regardless of the format they are in. By way of example, which is non-comprehensive, the Software may consist of source code and/or object code, SDKs, docker containers, APIs, access, and use of the Inbenta SaaS, etc.
Software owned by Inbenta that is being licensed to the Client.

Information Systems: Cloud servers, network infrastructure, system, and application software, as well as other computer subsystems and components, which are owned or used by Inbenta or under Inbenta’s responsibility to provide the Services. The use of an Information System also involves all internal or external services, such as Internet access, email, etc.

Information Assets: Within this Policy, the term Information Assets is applied to Information Systems and other information/data, irrespective of its form, i.e., electronic information and paper documents managed under these Services.

Users: Within this Policy, the term “users” refers to any individual accessing the Services.

Instance: Within this Policy, an Instance represents each environment that Inbenta provides to the Client for using the Service, with its dedicated Knowledge Base, usage dashboards and API keys.

1.1.2. Purpose and Scope Through this Contract, Inbenta grants to the Client, who accepts, a non-exclusive and non-transferable license for using the hired Services. The purpose of this Agreement (the “Purpose”) is to grant the Client the right to use the Software under the terms established in this Agreement. Likewise, the license to use the Services includes, in addition to that set out in point 1 of this clause, the technical support documentation for Software use and operability, including the user manual, the specifications and instructions for installation and use, whereas any additional information is regularly provided by Inbenta to the Client, for their own use, during the term of this Contract (hereinafter, the “Documentation”), whose purpose is to ensure correct operation of the Software and greater efficiency in its use and operability.

The license is granted on a non-exclusive, non-assignable and non-transferable, indivisible basis, and without the right to create derivative works, for the duration detailed in the Term and Termination clause of the Agreement and for the purpose of providing the Services. The license includes not only the current Software version, but also as many improvements, corrections, revisions, updates (including new versions) as Inbenta may introduce, develop or implement on said Software during this Agreement, in line with the Purpose described, which involves, among others, improving the quality of the Software features, updating its source codes, adapting it to new circumstances in the technological market or new demands on systems, as well as improving or expanding its functions. The deliverables described above and detailed below will be provided to the Client under the terms specified in the Offer.

In this sense, Inbenta specifies that the Software made available in the cloud is automatically updated when improvements are made to the systems, according to the intervention windows established by Inbenta.

1.1.3. Client liabilities Instances

The Client is responsible for all activities that occur in their instances, regardless of whether they authorize these activities or they are undertaken by them, their employees or a third party (including contractors and End Users). Inbenta and its affiliates are not responsible for unauthorized access to the Client’s instances.

The Client must use the Information Systems only for the purposes they have been authorized for, i.e., for which they have been granted access rights.

The Client must take all reasonable precautions to safeguard any credentials (e.g., a username and password, email address, smart card, or other security token). The Client must prevent another person or organization from using their access rights, i.e., username, directly or indirectly, and must not attempt to obtain or use anyone else’s credentials.

Access to the Services will only be granted to duly authenticated users through a unique and secure username and strong password combination that must be renewed on a regular basis. The Client must only allow authorized employees to manage their accounts and is responsible for all contents and transactions related to these accounts. The Client is also responsible for keeping the list of users with access to Inbenta’s Information Systems up to date. Contents

The Client shall ensure that their Contents and the End Users’ use of their Contents will not violate this Policy and any applicable legislation. The Client is solely responsible for the development, operation, maintenance as well as privacy compliance and use of their contents. Security

The Client is responsible for properly integrating, configuring, and using the Services and otherwise taking appropriate action to secure, protect and back up their instances and Contents in a manner that will ensure appropriate security and protection.

This must include the use of data encryption both in transit and at rest and of the obfuscation tool Inbenta provides, whenever possible, to protect the user’s personal information from unauthorized access and exposure.

If the Client becomes aware of any violation of this Policy, they must notify Inbenta immediately and provide assistance, as requested, to stop or remedy the violation. Contact channels: Support-Center ( End Users

The Client is responsible for the End Users’ use of the Client’s Contents and Services.

The Client shall ensure that all End Users comply with the Client’s obligations under this Policy and that the terms of the Client’s security and privacy policies with each End User are in line with this Policy.

1.1.4. Acceptable use of the Information Assets and Information Systems

The Client shall not use the Services to compromise the security or integrity of any network, computer or communications system, software application, network, computer device or personal data, or in a manner that unnecessarily weakens the performance of the information system or poses a security threat. Unauthorized activities include:

  • Illegal, harmful, or fraudulent activities: to create, transmit or manipulate information with the intent to defraud, gain personal profit or other uses beyond those established by contract.
  • Infringing content: to create, transmit or manipulate information that infringes Inbenta’s intellectual property rights, or breach the terms of licenses for software or other material, as set out in these General Terms of Service.
  • Harmful content: to disrupt Inbenta’s systems, deny access to them or else corrupt or destroy their data.
  • To access, delete, modify, or disclose Information Assets belonging to Inbenta without Inbenta’s permission, including attempting to probe, scan or test the vulnerability of a System, or also to breach any security or authentication measures used by a System.
  • Avoiding System restrictions. Using manual or electronic means to avoid any use limitations of a System, such as access and storage restrictions.
  • Interception. To monitor the use of information or communication systems without Inbenta’s explicit permission. This includes monitoring of network traffic; network and/or device discovery; wi-fi traffic capture; installation of keylogging or screen grabbing software that may affect users other than the Client; attempting to access system logs or servers or even network equipment.
  • Adding scripts hosted by Inbenta to pages where credit card information or any other sensitive information is being collected. Inbenta is not PCI DSS compliant. Adding a component from a vendor that is not PCI DSS compliant to the checkout page makes the entire payment process non-compliant with PCI DSS. The alternative is to host that script in the Client’s datacenter and secure it using Subresource Integrity (

1.1.5. Policy Enforcement

Inbenta reserves the right to investigate any failure to fulfill this Policy or any misuse of the Services by the Client and their partners.

Inbenta may report any activity that it suspects violates any law or regulation to the appropriate law enforcement agencies. The report may include the disclosure of appropriate Client information, if required by the law enforcement agencies.

1.2. Intellectual Property

Inbenta is the sole, legitimate and full owner of the intellectual property rights over the Software and the documentation associated with it. Inbenta will provide the Client with Software hosting services. This means Inbenta will provide the Client with hosting services from its own servers and online access.

All copyrights, database rights and any other patent right regarding the Software belong to Inbenta.

All copyrights, database rights and any other patent right regarding the information provided solely by the Client (including all the information contained in or coming from the Client’s website) belong to the Client.

Any generic question model created by Inbenta or a third party designated by Inbenta, all the general information regarding the use of the Software, any idea obtained by Inbenta as to the use of synonyms, jargon, etc. can be used by Inbenta or a third party designated by Inbenta for other Clients’ benefit. The Client’s proprietary content, such as the Client’s FAQs, cannot be used by Inbenta for providing Services to other Clients.

In order to apply these Terms, “Affiliate” shall mean any related legal entity of the Client, including subsidiaries and parent companies. In order to apply the pricing in any Referenced Agreements, Affiliates may or may not be included in such pricing.

The parties mutually license the use of each other’s brands and trade names in the communications regarding the relationship derived from these Terms and the use of the Software. Prior written consent from the owner of such brands and trade names will be required in relation to any public statement or communication issued by either of the parties. The rights pertaining to any brand or trade name registered or used by any of the parties belong to that party, respectively.

1.2.1. License to use

Under the terms herein and any Referenced Agreements, Inbenta grants the Client and its Affiliates (where percentage of ownership is over 50%) a limited, non-exclusive and worldwide license to use the Software as specified in these Terms, the Sales Order Form, and any Referenced Agreements, (a) according to the documentation provided by Inbenta, (b) for the sole use of the Client. Any copy of the Software implying a breach of this agreement will be deemed a copyright breach.

1.2.2. Restrictions

In any circumstance, the Client agrees not to: (a) allow third parties to distribute copies of the Software or of the related documentation to a person or entity outside the licensed websites, (b) reproduce, modify or copy the Software and the related documentation, except when clearly allowed by the applicable legislation, these Terms or written consent, (c) provide, rent, sell or transfer by any means the Software or a copy of all or part of such Software or use it for the benefit of third parties, (d) disassemble, use reverse engineering, compile or decompile the Software. If the Client needs information concerning the interoperability of the Software with other programs, the Client shall not take apart or decompile the Software to obtain such information, and the Client agrees to request it from Inbenta in writing. Once Inbenta has received the Client’s request, Inbenta will reasonably determine if the Client needs such information for the interoperability of a program that was independently created with other programs and Inbenta will provide such information as soon as reasonably feasible or will, at the Client’s own cost, assist the Client with the said interoperability or else communicate that Inbenta will not provide such information or assistance.

In any circumstance, Inbenta undertakes not to: (a) share with third parties any of the Client’s documentation, passwords, platform information, codes or confidential information, or that of the Client’s Affiliates’ websites; (b) modify the Client’s website and its contents without written consent, except for the modifications that were specified for the Project and are the reason for this agreement; (c) reproduce, modify or copy the Client’s platform software and the related documentation, except when clearly allowed by the applicable legislation, these Terms, or the Client’s written consent.

1.3. Personal data processing

The services and products are operated by Inbenta (including all its affiliates). Processing of personal data under this Agreement must be in accordance with applicable local laws, and the specific terms and conditions of data processing, where appropriate, must be described in a specific Data Processing Agreement.

1.4. Security Incident Management

In the event that the Client needs to report a security incident to Inbenta, the appropriate channel is the Inbenta Support Center or via email to

If Inbenta becomes aware of an incident within Inbenta’s platform, which may affect the security of the Client’s information, Inbenta will report this incident and its impact on the affected information to the Client.

Inbenta will share all necessary information for the Client to alert its users and apply mitigations, if possible.

Inbenta will notify the Client about the security incident through email to the Client team assigned to Inbenta, or the contacts specified in this contract (Notice section) in their absence, without undue delay after Inbenta has become aware of it, i.e., within 48 hours after Inbenta has become aware of the incident.

Inbenta will also publish an incident report in the Support Center and keep this report updated with the latest status until closure.

1.5. Data Processing and Retention Policy

1.5.1. Data Processing: Knowledge Management, Search and Chatbot Products

The Inbenta App application features a set of dashboards that provide insights into the Key Performance Indicators of the Client’s Inbenta instances.

Inbenta stores all the data leveraged from the Inbenta dashboards into a set of databases called the Inbenta Reporting System. The data in these databases are classified into raw data and aggregated data.

Raw Data:

  • All the events reported through Inbenta integration tools (SDK and API) are stored in their original state as raw data.
  • Each event, such as a user question, click or rating, is stored individually. Optionally, events may be grouped together in the same user session.
  • Raw Data or original events are only visible in detail views on Inbenta dashboards (usually, after clicking on a magnifying glass).
  • Some events which are considered raw data:
    • User questions
    • Clicks
    • Rating
    • Custom events

Aggregated Data:

  • The Client’s Inbenta instance’s Key Performance Indicators are calculated using raw data events. When raw data are processed and stored as a Key Performance Indicator, they are considered aggregated data. This means that a Key Performance Indicator can be considered a summary of all the raw data events that may influence this specific KPI.
  • Inbenta dashboards show these aggregated data. Each aggregation pertains to a specific KPI. It shows relevant details (e.g., number of user questions per day, click-through rates per day, session performance indicators per day, etc.).
  • Aggregated data generally represent the number of occurrences of raw data events. In general, they are completely unrelated to the original raw events that are computed to generate the final KPI (except for specific dashboards that can show raw data through a magnifying glass).
  • Some examples of aggregated data:
    • Total user questions per day, user type, source, and environment.
    • Total clicks per day, user type, source, and environment.

1.5.2. Data Processing: Messenger Product

The Inbenta App application provides a tool that handles Call Center business to Client communications.

Inbenta Clients who use the Inbenta Messenger product can configure their different support and communication channels (such as email, Twitter, Facebook, Live Chat, Online Web Forms…) for their Clients or users. Inbenta Messenger then connects to all these channels and establishes a bidirectional communication between the support agents of Inbenta Clients and their end users.

On behalf of its Clients, Inbenta stores the data produced by the bidirectional communication between the Call Center agents and users. This is done as follows:

  • Inbenta hosts as Raw Data each individual message produced during the communication between Call Center agents and users. These messages are stored in a channel-independent, normalized format.
  • Inbenta makes contact information from Call Center end users (e.g., email addresses, Twitter/Facebook account information or other channel-dependent contact details) available to Call Center agents (i.e., employees managed by Inbenta’s Clients). Inbenta collects this information in accordance with users’ privacy preferences on each specific channel and uses the Messenger product to leverage these data and ensure communication through the specified channels between Inbenta Clients and their end users.
  • As part of the Inbenta App suite, Inbenta also offers a set of dashboards that show KPIs regarding the volume of messages and the efficiency of Call Center agents. The data available on these dashboards are considered Aggregated Data.

1.5.3. Data Retention Policy

Inbenta processes the data described in the previous chapters on behalf of its Clients as a Data Processor. The Client, as the Data Controller, takes full responsibility for the data collected through Inbenta Products on its behalf and in accordance with the Product configuration or setup available to the Client.

Inbenta retains the above-mentioned data according to the following stages:

  • Raw Data are stored in the Inbenta Reporting System and are available on Inbenta dashboards for at least 100 days.
    • After 100 days, all Raw Data are transferred from the Inbenta Reporting System to an Inbenta data archive. From then on, they only become available upon request for legal requirements or auditing purposes, and in a CSV export format.
    • Raw Data generated by the Messenger product are excluded from this process and remain available in the system as archived tickets.
  • Aggregated Data are stored in the Inbenta Reporting System and are made available on Inbenta dashboards for at least three years.
    • All Aggregated Data stored for three years or more may be transferred to an Inbenta data archive, where they only become available upon request in a CSV export format.
  • Upon contract termination:
    • Inbenta checks that the Client’s instances are not used anymore, and if they are, Inbenta advises the Client to remove the integrations from their systems.
    • Inbenta reminds the Client to export the instance data before its deletion.
    • Inbenta deletes all Raw Data and Aggregated Data within two months of the contract’s end date. This means all data contained on the Client’s instances are deleted from the Inbenta’s servers.
  • Inbenta ensures that all Raw Data and Aggregated Data are stored for two years after they have been transferred to the Inbenta data archive, or until contract termination, whichever occurs first.

Inbenta offers a data masking tool. Clients can use this tool to anonymize the data stored in the Inbenta Reporting System. The Inbenta data masking tool anonymizes information based on a set of patterns managed by each Client (the Data Controller). The Inbenta data masking tool forces the system to store the anonymized data version through all subsequent levels, Raw Data and Aggregated Data.

Inbenta reserves the right to review this data archive and Retention Policy at any time and at its sole discretion, as required by the applicable legislation, or in order to optimize Inbenta internal systems.

1.6. Limitation of Liability

Inbenta will not be responsible for any damage that may arise from improper use or fraudulent use of the platform by the client or its affiliates or workers, in relation to all the agreements and obligations, in general, derived and regulated in this Agreement.

While Inbenta applies, in all its developments, the highest reasonably applicable security protocols and standards, nor will it be responsible if the improper or fraudulent use of the contracted products is made by third parties that may have access to the application, as long as it is used by the client, without the authorization of Inbenta, whether such access is consequence of a deliberate action by cyber attack or fraud as by recklessness or for not having applied, on the part of the client, all the opportune measures of security and control.

Inbenta is also not responsible for those problems arising from causes of force majeure or catastrophe that may affect the platform, so that it ceases to be active or presents a malfunction as a result of unforeseeable events.

In the event that some type of liability arises, by application of the conditions regulated in this Agreement, the maximum quantification of the same will be the aggregate amounts paid by the client, in accordance with the provisions of this Agreement.

1.7. Governing legislation and dispute resolution

This Agreement shall be governed by and construed in accordance with the applicable legislation in the State where the Inbenta affiliate signatory to this Agreement is located. Likewise, the Parties expressly understand and agree that any dispute arising under this Agreement shall be brought exclusively before the courts of the State where the Inbenta affiliate signatory to this Agreement is located. The Parties hereby consent to such exclusive courts and jurisdiction.

Last updated: 01/08/2022