Legal document
Pipefork Terms of Service
Terms of Service
Last updated: 2026-06-27 Effective date: 2026-06-27 Service: Pipefork Website: https://pipefork.com Provider: Lybeck Labs, 3560007-3, Finland Contact: support@pipefork.com
1. Agreement
These Terms of Service ("Terms") govern access to and use of Pipefork, including the website, dashboard, API builder, API runtime, API key management, request logs, documentation, support channels, and related services (the "Service").
By creating an account, accessing the Service, or using any Pipefork API runtime, you agree to these Terms. If you use the Service on behalf of a company, customer, employer, or other organization, you represent that you have authority to bind that organization to these Terms.
If you do not agree to these Terms, you must not use the Service.
2. Intended Use
Pipefork is intended for professional, development, integration, business, and commercial use. The Service is not intended for consumer, household, medical, emergency, life-critical, safety-critical, financial trading, nuclear, aviation, or other high-risk use cases.
You must not use Pipefork where failure, delay, incorrect output, downtime, or data loss could reasonably lead to death, personal injury, severe financial loss, critical infrastructure disruption, or material legal harm.
3. Service Description
Pipefork allows users to build, compose, transform, secure, deploy, and operate API facades from the browser. The Service may include API projects, endpoint definitions, upstream HTTP requests, response mapping, API keys, environments, deployment metadata, request logs, usage counters, generated API documentation, and runtime execution.
Pipefork may call third-party or customer-configured upstream APIs based on your configuration. You are responsible for ensuring that you have the right to access, process, transmit, transform, and expose any data or systems connected to Pipefork.
4. Account and Workspace Responsibility
You are responsible for:
- maintaining the confidentiality of your login credentials;
- managing users invited to your workspace;
- protecting API keys, secrets, credentials, and tokens;
- all activity occurring under your account, workspace, API keys, or published APIs;
- ensuring that your API definitions, upstream connections, and published APIs comply with applicable law and third-party terms.
You must notify Pipefork promptly if you suspect unauthorized access or credential compromise.
5. Customer Content
"Customer Content" means API definitions, endpoint paths, mapping rules, upstream configuration, test data, request and response payloads, logs, secrets metadata, generated documentation, and other content you submit to or process through the Service.
You retain ownership of Customer Content. You grant Pipefork a limited, non-exclusive right to host, process, transmit, store, display, secure, back up, and otherwise use Customer Content only as necessary to provide, maintain, protect, troubleshoot, and improve the Service.
You are solely responsible for Customer Content and for the APIs you build, expose, test, publish, or operate through Pipefork.
6. Secrets, Credentials, and API Keys
Pipefork may allow you to store or reference external API credentials, tokens, headers, API keys, and other secrets.
You must not intentionally expose secrets in endpoint responses, generated documentation, public URLs, browser-visible data, logs, client-side code, or other locations where unauthorized parties may access them.
Pipefork will use reasonable technical measures to protect secrets. You remain responsible for rotating credentials, limiting upstream permissions, revoking compromised keys, and validating that your API configuration does not disclose confidential information.
7. Acceptable Use
You must not use the Service to:
- violate applicable law or third-party rights;
- access systems, APIs, data, or networks without authorization;
- transmit malware, phishing content, spam, abusive traffic, or deceptive content;
- overload, disrupt, scan, attack, bypass, reverse engineer, or interfere with the Service;
- publish APIs that facilitate unlawful surveillance, fraud, credential theft, data scraping, or unauthorized data extraction;
- bypass usage limits, security controls, rate limits, plan limits, or billing controls;
- upload or process special categories of personal data unless you have a lawful basis and appropriate safeguards;
- use Pipefork as a general-purpose proxy for unlawful, abusive, or deceptive activity.
Pipefork may suspend or restrict accounts, workspaces, API keys, endpoints, runtime traffic, or access to features if Pipefork reasonably believes that use violates these Terms, creates security risk, creates legal risk, or may harm Pipefork, users, upstream providers, or third parties.
8. External APIs and Third-Party Services
Pipefork is not responsible for third-party APIs, upstream systems, external services, data sources, authentication providers, cloud providers, payment processors, networks, or other third-party infrastructure.
You are responsible for complying with the terms, rate limits, privacy requirements, licensing restrictions, and security requirements of any third-party API or service you connect to Pipefork.
Pipefork does not guarantee availability, correctness, legality, compatibility, performance, or continued operation of third-party APIs.
9. Beta, Free Plans, and Experimental Features
Free, beta, preview, experimental, or early access features are provided "as is" and may be changed, limited, suspended, or discontinued at any time.
Unless separately agreed in writing, beta and free services have no uptime commitment, support commitment, data retention commitment, performance commitment, or service credit.
You should not use beta or free services for production-critical workloads.
10. Paid Plans and Billing
Paid plans, usage limits, request quotas, log retention, billing periods, renewal rules, cancellation terms, and prices will be described at checkout or in the applicable plan documentation.
Payments may be processed by a third-party payment provider such as Stripe. You authorize Pipefork and its payment provider to charge applicable fees, taxes, and usage-based amounts.
Unless required by law or expressly stated otherwise, fees are non-refundable.
Pipefork may suspend paid features if payment fails or if usage exceeds plan limits.
11. Availability, Changes, and Support
Pipefork aims to provide a useful and reliable Service, but does not guarantee uninterrupted, error-free, secure, or always-available operation.
Pipefork may modify, update, suspend, or discontinue parts of the Service. Pipefork will try to provide reasonable notice for material changes when practical.
Support availability depends on the plan and documentation then in effect.
12. Data Protection
For personal data that Pipefork processes as a controller, the Privacy Policy applies.
For personal data contained in Customer Content, API payloads, request logs, endpoint configurations, or upstream responses processed on your behalf, you are generally the controller and Pipefork acts as processor, unless otherwise agreed.
You instruct Pipefork to process such data only to provide, secure, maintain, troubleshoot, and improve the Service, and as otherwise required by law.
Pipefork may use subprocessors such as hosting providers, database providers, logging providers, email providers, analytics providers, payment processors, and infrastructure providers. Pipefork maintains a subprocessor registry and remains responsible for its subprocessors as required by applicable data protection law.
The Pipefork Data Processing Addendum applies where Pipefork processes Customer Content as a processor on behalf of Customer, unless the parties agree otherwise in writing.
13. Security
Pipefork will use reasonable technical and organizational measures designed to protect the Service and Customer Content.
However, no system is perfectly secure. You are responsible for configuring your APIs securely, limiting access, validating upstream data, protecting credentials, and avoiding unnecessary personal or sensitive data in logs and payloads.
14. Intellectual Property
Pipefork and its software, design, documentation, trademarks, logos, and technology are owned by Pipefork or its licensors.
These Terms do not transfer ownership of Pipefork technology to you. You receive only a limited, revocable, non-exclusive, non-transferable right to use the Service according to these Terms.
Feedback, suggestions, or ideas you provide may be used by Pipefork without restriction or obligation to compensate you.
15. Confidentiality
Non-public information disclosed through the Service, including security information, product roadmap details, private beta features, credentials, and workspace data, must be treated as confidential unless it is already public or independently known.
16. Termination
You may stop using the Service at any time. You may request account deletion according to the Privacy Policy and applicable law.
Pipefork may suspend or terminate access if you breach these Terms, create risk, fail to pay fees, violate law, or misuse the Service.
After termination, your access may stop immediately. Pipefork may delete Customer Content after a reasonable retention period unless legally required to retain it.
17. Disclaimers
To the maximum extent permitted by law, the Service is provided "as is" and "as available".
Pipefork disclaims all warranties, whether express, implied, statutory, or otherwise, including warranties of merchantability, fitness for a particular purpose, non-infringement, availability, accuracy, security, and error-free operation.
Pipefork does not warrant that APIs created with the Service will be correct, secure, lawful, compliant, available, performant, or suitable for your intended use.
18. Limitation of Liability
To the maximum extent permitted by law, Pipefork and its owners, directors, employees, contractors, and affiliates will not be liable for:
- indirect, incidental, special, consequential, exemplary, or punitive damages;
- lost profits, lost revenue, lost business, lost savings, or loss of goodwill;
- loss, corruption, exposure, or unavailability of data;
- downtime, latency, failed API calls, incorrect API responses, or upstream API failures;
- unauthorized access caused by your configuration, credentials, API keys, or third-party services;
- claims arising from Customer Content, your APIs, your users, or your third-party integrations.
To the maximum extent permitted by law, Pipefork's total aggregate liability for all claims relating to the Service will not exceed the greater of:
- the amounts paid by you to Pipefork for the Service during the 12 months before the event giving rise to the claim; or
- EUR 100 if you use only a free plan.
Nothing in these Terms excludes or limits liability where such exclusion or limitation is not permitted by applicable law, including liability for intentional misconduct, gross negligence, or mandatory data protection liability.
19. Indemnity
You agree to defend, indemnify, and hold harmless Pipefork and its owners, directors, employees, contractors, and affiliates from claims, damages, losses, liabilities, costs, and expenses arising from:
- your Customer Content;
- APIs you create, publish, or operate;
- your use of upstream APIs or third-party services;
- your violation of law or third-party rights;
- your breach of these Terms;
- your users' use of APIs created through Pipefork.
20. Changes to These Terms
Pipefork may update these Terms from time to time. If changes are material, Pipefork will take reasonable steps to notify you, such as by email, dashboard notice, or requiring acceptance at next login.
Continued use of the Service after updated Terms become effective means you accept the updated Terms.
21. Governing Law and Disputes
These Terms are governed by the laws of Finland, excluding conflict of law rules.
Unless mandatory law provides otherwise, disputes will be resolved in the competent courts of Finland.
22. Contact
Questions about these Terms may be sent to:
support@pipefork.com