Skip to content
Regolo Logo
Regolo Logo

Regolo inference service agreement

This Regolo Inference Service Agreement, together with any other terms and policies incorporated herein by reference, including any linked documents, and any Purchase Orders, which form an integral part hereof, as amended from time to time (collectively the “Agreement”), form a legally binding and enforceable agreement between Seeweb S.r.l. with registered office in Italy, Frosinone (Fr) Via Armando Vona, 66 – 03100, VAT no. 02043220603 (“Seeweb” or “Provider”) and the customer accessing or using the Services (“Subscriber”).

If the Subscriber is entering into this Agreement on behalf of a company or other legal entity, the Customer represents that: (i) it has full legal authority to bind such entity to this Agreement; and (ii) after reading and understanding the Agreement, it agrees to the terms of this Agreement on behalf of the respective entity, and such terms shall bind such entity. The Subscriber, whether an individual consumer or a legal business entity, is the party bound by these Terms and is solely responsible for all actions and omissions occurring under its account, including the legality of the inputs and the use of the outputs generated via the Service.

The Subscriber and Seeweb shall each be referred to as a “Party” and collectively as the “Parties”.

CUSTOMER ACKNOWLEDGES THAT ONCE IT CLICKS TO ACCEPT OR OTHERWISE AGREES TO THIS AGREEMENT, IT WILL BE EFFECTIVE IMMEDIATELY, AND THE CUSTOMER AGREES ON BEHALF OF ITSELF AND ITS ORGANIZATION TO BE BOUND BY THE TERMS OF THIS AGREEMENT.

GENERAL TERMS AND DEFINITIONS

(Version 01 January 2026)

  1. Definitions

Capitalized terms used in the Agreement shall have the meaning hereby defined:

Access Credentials”: the identification codes, passwords, and any other technical information or devices (including, without limitation, digital tokens or multi-factor authentication systems) provided by Seeweb or created by the Subscriber, which enable secure access to the reserved area of the Website and the use of the Services. Such credentials are strictly personal, non-transferable to third parties, and constitute the tool for validating the Subscriber’s identity in using Regolo and the other Services on the Website.

Freemium Subscription”: the 30 days term of free subscription offered by Seeweb to the new Subscribers. It can only be enjoyed one time by each Subscriber, any infringement will be claimed and the user banned from the Service.

Inference Service” or “Regolo”: the Service provided by Seeweb under the trademark “Regolo” which allows the Subscriber, during the Term of this Agreement, to securely routes the Subscriber’s inputs or prompts to and from third-party Underlying AI Models hosted on Seeweb infrastructure.

Services”: the Inference Service and any other service provided by Seeweb by the Website regolo.ai

Subscriber”: the individual or entity who has (i) executed or electronically accepted this Agreement on the website www.regolo.ai, (ii) agreed to pay the requisite Subscription Fees to obtain a limited, revocable, and non-transferable license or right to access and use the Inference Service or (iii) been granted the necessary credentials (e.g., API key, user login) by the Provider to access and utilize the functionalities of the Inference Service during a valid Subscription Term.

Subscription Fees” the amounts, as specified and published on the Website, required to be paid by the Subscriber to Seeweb in consideration for the right to access and utilize Regolo during a specific Subscription Term according to the Subscription Plan chosen by the Subscriber. Unless otherwise expressly agreed, Subscription Fees are non-refundable and payable in advance.

Subscription Plan”: the plan chosen by the Subscriber on the Website between the FLAT Subscription Plan (Core or Boost) or the PER USE Subscription Plan.

Subscription Term”: the defined period of time (1 month for FLAT Subscription Plan or twelve (12) months for PER USE Subscription Plan) based on the Subscription Plan chosen, commencing on the Effective Date or any subsequent renewal date, during which the Subscriber is granted the right to access and use Regolo, upon the timely payment of the applicable Subscription Fees.

Underlying AI Models” the Artificial Intelligence models time by time available for the Inference Service as published on the Website.

User Account”: a personalized, non-transferable digital interface and set of credentials provided by the Company to a registered User, granting access to specific functionalities of the Website, including but not limited to the placement of Subscriptions, management of personal data, and access to purchase history.

Website”: regolo.ai

  1. Acceptance and Agreement

2.1. Binding Agreement: By clicking the “I Accept” button, completing the subscription process on the Website www.regolo.ai, or otherwise accessing or using the Service, the Subscriber unconditionally accepts and agrees to be bound by this Agreement, which constitute a legally binding agreement between the Subscriber and Seeweb.

2.2. Effective Date: The Agreement becomes effective on the date of subscription and payment (the “Effective Date”).

2.3. Expiration Date: after nine (9) months of non-use of the Inference Service the User Account of the Subscriber can be deleted by Seeweb with previous notice.

  1. The Inference Service and Seeweb role

3.1. Description of Inference Service: Regolo is provided as a subscription-based service aimed at providing the Inference Service on third party Underlying AI Models. Seeweb’s role is strictly limited to that of a reverse proxy and technical conduit that securely routes the Subscriber’s requests (the “Inputs” or “Prompts”) to and from third-party Underlying AI Models hosted on Seeweb infrastructure and performs usage metering, authentication, and traffic management.

3.2. AI Act: in performing such activity, Seeweb acts solely as a technical intermediary and shall not be considered, for any legal purpose, a “provider” of artificial intelligence systems as defined by Regulation (EU) 2024/1689 (the “AI Act”) and its national implementing legislation. Consequently, all obligations placed upon “providers” by the AI Act and related national legislation – including, but not limited to, those concerning conformity assessment, risk management, technical documentation, transparency, human oversight, and the cybersecurity of the AI system itself remain the sole and exclusive responsibility of the respective third-party providers of the Underlying AI Models and deployers.

3.2. Exclusion of control: Seeweb does not generate, modify, curate, filter, or exercise any editorial control over the content of the Input/Prompt inserted by the Subscriber as well as of the Outputs generated by the Underlying AI Models. Seeweb expressly disclaims any responsibility or liability for the content, accuracy, legality, or completeness of such contents.

3.3. Reliance on third parties: the functionality of the Inference Service is entirely dependent on the availability and operation of the Underlying AI Models, which are provided by third-party providers and hosted on Seeweb infrastructure. Seeweb makes no representation or warranty regarding the performance or continued availability of the Underlying AI Models.

3.4. Security of the supply chain: in compliance with its obligations under applicable cybersecurity regulations, including Directive (EU) 2022/2555 (NIS2 Directive), Seeweb adopts a risk-based approach to manage cybersecurity risks within its supply chain. This includes the security aspects concerning the relationships between Seeweb and its direct service providers. Seeweb shall take appropriate and proportionate measures to assess and manage the risks associated with its suppliers.

3.5. No control on Underlying AI Models: the Subscriber acknowledges that the Inference Service relies on third-party Underlying AI Models hosted on Seeweb infrastructure, as specified in Section 3.3. While Seeweb undertakes the measures described above, Seeweb’s role remains that of a technical conduit. Seeweb does not control and is not responsible for the internal security architecture, data processing, or potential vulnerabilities of the Underlying AI Models themselves. The provider of the Underlying AI Model remains responsible for ensuring an adequate level of cybersecurity for its own model and infrastructure, in accordance with applicable laws, such as Regulation (EU) 2024/1689 (AI Act) as well as compliance with any other applicable law, including data protections legislations.

3.6 Seeweb shall not be liable for any security incident, data breach, or other damage arising from a vulnerability or malicious act originating within the infrastructure or software of a third-party provider of an Underlying AI Model, except to the extent such incident was directly caused by Seeweb’s gross negligence in managing its direct contractual relationship with said provider.

  1. Subscription and payment terms

4.1. Subscription Plans: Seeweb offers Regolo on a flat or per use Subscription Plan to be chosen between those offered on the Website. A first thirty (30) days Subscription Plan (“Freemium Plan”) is offered for free for any new user, with the option to subscribe a monthly FLAT or annual PER USE Subscription Plan at the end of the free period of use. The applicable Subscription Fees and usage limitations for each Subscription Plan are detailed on the Website.

4.1.1. FLAT Subscription Plan (Core or Boost): by subscribing these Subscription Plans the Customer has a limited number of tokens included on a monthly subscription basis. The applicable Subscription Fees and usage limitations for each kind of Subscription Plan are detailed on the Website.

4.1.1. PER USE Subscription Plan: by subscribing to this Subscription Plan the Customer can enjoy Regolo for twelve (12) months of Term with no limitation on the number of tokens to be used. The Subscription Fee is paid on the basis of the use of the Inference Service as per PRICE LIST in force at the time of the Subscription Plan purchase or its renewal.

4.2. Payment: Subscription Fees are paid by PayPal in advance and are non-refundable, except as expressly provided in these Terms. The Subscriber hereby authorizes Seeweb to charge the designated payment method on the first day of each Subscription Term or its renewal. If the payment request is declined by your bank, Seeweb will make further attempts and in the meantime, the User Account can be suspended. In the event of non-payment, the Subscriber’s Account may be cancelled without further notice as per Section 2.3 above.

4.3. Renewal: all Subscriptions Plans shall automatically renew for an equivalent Subscription Term – i.e one (1) month for flat Subscription Term and twelve (12) months for the PER USE Subscription Plan – unless the Subscriber unsubscribes on his personal area of the Website before the end of each Subscription Term.

  1. Prohibitions

5.1. Prohibited High-Risk Uses: the Subscriber is strictly prohibited from using the Underlying AI models and the Inference Service provided by Seeweb for any purpose that qualifies as a “high-risk AI system” as defined under Article 6 and Annex III of the EU AI Act (Regulation (EU) 2024/1689) or any equivalent applicable legislation. Prohibited sectors include, but are not limited to: (a) critical infrastructure management; (b) educational and vocational training; (c) employment, workers management, and access to self-employment; (d) access to and enjoyment of essential private and public services (e.g., healthcare, credit scoring); (e) law enforcement; (f) migration, asylum, and border control; and (g) administration of justice and democratic processes.

5.2 Material breach for prohibited use: any use of the Service for high-risk applications, or for any illegal/fraudulent use shall constitute a material breach of these Terms and Conditions, leading to immediate suspension of the Service.

  1. Subscriber warranties and indemnification

6.1 Compliance with Laws: the Subscriber warrants and represents to be compliant with any applicable legislation in the matters of artificial intelligence, intellectual property (copyright) and protection of personal data. Furthermore, the Subscriber warrants and represents that: (a) the Inputs/Prompts will not violate any applicable local, national, or international law or regulation, including but not limited to laws governing intellectual property, data protection, defamation, and anti-discrimination. (b) The Subscriber’s use of Regolo and the Outputs will be in strict compliance with all applicable laws and regulations (the “Permitted Use”). (c) The Subscriber shall be solely responsible for verifying the accuracy, appropriateness, and legality of the Inputs/Prompts and/or Outputs prior to any external or commercial use.

6.2 Risk classification: the Subscriber assumes full and sole responsibility for determining the risk classification of their specific application and for fulfilling all subsequent legal obligations, including but not limited to: conformity assessments, technical documentation, post-market monitoring, and (in case) registration in the EU database for high-risk AI systems.

6.3. Indemnification: the Subscriber shall defend, indemnify, and hold harmless Seeweb, its affiliates, directors, officers, and employees from and against any and all claims, damages, liabilities, losses, costs, and expenses or regulatory fines (including reasonable attorneys’ fees) arising out of or in connection with: (a) the Subscriber’s use of the Service in a manner that triggers high-risk obligations or violates the AI Act or any other applicable data protection laws (e.g., GDPR); b) any claim that the Subscriber’s Inputs/Prompts or the Outputs resulting from the Subscriber’s use infringe, misappropriate, or violate the intellectual property rights or other rights of a third party; or (c) any breach of the Subscriber’s warranties under Section 6.1, 6.2, including any use of the Service or the Outputs that constitute prohibited use or is non-compliant with applicable law.

  1. Account security and confidentiality

7.1 The Subscriber shall be solely responsible for maintaining the confidentiality and security of its login credentials, and any other access information utilized to access his Account and the Service (the “Access Credentials”).

7.2 The Subscriber shall not share, transfer, or allow any unauthorized third party to use its Access Credentials and shall promptly notify Seeweb immediately upon becoming aware of any actual or suspected unauthorized access to or use of the Service or the Access Credentials.

7.3 Seeweb shall not be liable for any loss or damage arising from the Subscriber’s failure to comply with Section 7.

7.4 Any use of the Service utilizing the Subscriber’s Access Credentials shall be deemed to be an authorized use by the Subscriber, and the Subscriber shall be fully responsible for all such usage, including all associated Subscription Fees and compliance obligations.

  1. Limitation of liability and disclaimer of warranties

8.1. Disclaimer: THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS (please, see the Level of Service “SLA” in force and provided by Seeweb on the Website). SEEWEB EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

8.2. Limitation of Liability: TO THE MAXIMUM EXTENT PERMITTED BY LAW (EXCEPT FOR CASES OF WILLFUL MISCONDUCT OR GROSS NEGLIGENCE), SEEWEB SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS OR REVENUES, COSTS OR FINES IMPOSED, WHETHER INCURRED DIRECTLY OR INDIRECTLY, OR ANY LOSS OF DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, RESULTING FROM (i) THE USE OR INABILITY, FULL OR PARTIAL, TO USE THE SERVICES; (ii) THE CONDUCT OR CONTENT OF ANY THIRD PARTY; OR (iii) ANY UNAUTHORIZED ACCESS, USE, OR ALTERATION OF THE SUBSCRIBER’S TRANSMISSIONS OR CONTENT. SEEWEB’S TOTAL CUMULATIVE LIABILITY UNDER THESE TERMS SHALL NOT EXCEED THE TOTAL FEES PAID BY THE SUBSCRIBER FOR THE SERVICES IN THE ONE (1) MONTH IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

  1. Governing Law and Jurisdiction

9.1. Governing Law: this Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be exclusively governed by and construed in accordance with the laws of Italy.

9.2. Jurisdiction: the Parties irrevocably agree that the Court of Milan (Italy), shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with the Agreement or its subject matter or formation.

  1. Data protection

10.1 Pursuant to the Regulation (EU) 2016/679 – GDPR, Seeweb is the data controller of the personal data of the user processed to open the User Account, use the Website, sign-in the Inference Service and manage privacy preferences. As better specified in our Privacy Policy, Seeweb acts also as data processor in routing the personal data communicated by the Subscriber to the Underlying AI Model hosted on Seeweb infrastructure and chosen by the Customer. The relationship between the Subscriber (as Data Controller) and Seeweb (as Data Processor) is governed by a separate Data Processing Agreement (DPA), which forms an integral part of the service agreement and which the Subscriber accepts upon Subscription.

Frosinone, 28 January 2026

Seeweb s.r.l.

DATA PROCESSOR AGREEMENT

ART. 28 OF EU REGULATION 2016/679 (GDPR)

The Subscriber, as signed in the Regolo website acting as the Data Controller pursuant to Regulation EU 2016/679 (GDPR), hereinafter referred to as “Controller”, and Seeweb Srl, in its capacity as the legal representative pro tempore, with registered and operational offices at Via A. Vona, 66 – 03100 Frosinone (FR) – northern branch: Via Caldera, 21 – 20153 Milan (MI), VAT number 02043220603, info@seeweb.it, Tel +39 0775 880041, Fax +39 0775 830054, Seeweb Srl, DPO contact: dpo@seeweb.it, acting as the Data Processor pursuant to Regulation EU 2016/679 (GDPR), hereinafter referred to as “Processor”; collectively referred to as the “Parties.”

Whereas

The Controller subscribed the Regolo Inference Service by accepting the Terms & Conditions (“Contract”), for the purposes of executing said Contract, the Processor shall process Personal Data on behalf of the Controller.

Controller acts as Data Controller with respect to the Personal Data it processes, establishing the purposes, methods, and means of processing.

Processor possesses adequate technical skills and know-how regarding data protection and the security measures to be adopted to ensure the confidentiality, integrity, and availability of the data, as well as a thorough understanding of the regulations governing data protection.

With this agreement, which constitutes an integral part of the Contract, the Controller, as Data Controller, appoints the Processor, as Data Processor pursuant to Article 28 of the GDPR and related paragraphs.

By signing this document, the Parties intend to regulate their mutual relationships regarding the processing of Personal Data carried out by the Processor on behalf of the Controller.

1. Controller

The Controller:

  • is responsible for ensuring that Personal Data, as identified in the par. 3 above, is processed in compliance with all applicable data protection laws (including, without limitation, the GDPR) in connection with the processing of Personal Data under this agreement.;
  • is subject to the obligations under the GDPR and national data protection laws;
  • provides the Processor, in a timely manner and where applicable, with any information necessary for the Processor’s proper fulfillment of this agreement, the GDPR, and national data protection laws;
  • is entitled to obtain from the Processor information regarding the organizational and security measures adopted by the Processor to demonstrate compliance with the undertakings agreed;
  • is entitled to order, audits or controls regarding compliance with this agreement and the processing of Personal Data by the Processor.

These obligations apply whether the Controller acts as a primary Data Controller or as a Data Processor on behalf of third-party clients. Specifically, the Controller is solely responsible for ensuring a valid legal basis for processing and for fulfilling all transparency obligations toward Data Subjects.

2. Data Processor

The Processor:

(a) possesses no knowledge of, nor control over, the specific purposes, objectives, or logic for which the Controller (or its end-users) deploys and utilizes the Underlying AI systems hosted by the Data Processors;

(b) does not access or monitor the content of the data processed by the AI systems, except as strictly necessary for technical maintenance or as expressly instructed in writing by the Controller;

(c) shall not be responsible for assessing the risks, lawfulness, ethics, or regulatory compliance of the AI models or the specific processing activities performed by the Controller.

Seeweb, as Data Processor:

  • undertakes to Process only those Personal Data necessary for the performance of the Contract;
  • processes Personal Data only upon instructions from the Controller, unless required by law to which the Processor is subject. In this case, the Processor shall inform the Controller of this legal obligation prior to processing, unless prohibited by law for important reasons of public interest;
  • in the specific case of fulfilling this agreement, the Processor undertakes to comply with the GDPR and to take into account the provisions on the protection of Personal Data and national privacy and personal data protection regulations;
  • undertakes to cooperate with the Controller to ensure the proper processing of Personal Data and undertakes to provide the Controller with any information requested by the latter to fulfill legal obligations;
  • immediately informs the Controller if it believes that the Controller’s instructions conflict with the GDPR or other personal data protection legislation;
  • grants access to Personal Data processed on behalf and under the authority of the Controller only to persons and entities entrusted with processing under the Contract, and who have undertaken to maintain confidentiality, comply with the GDPR, national privacy and personal data protection regulations, and legal obligations.

3. Nature of Processing, Type of Personal Data, Categories of Data Subjects

The processing consists of the mere technical transit of User’s Personal Data to the Underlying AI models selected by the Controller and hosted in the Data Controller’s cloud, aimed to perform the Inference Service

The following data, which include any categories of data, is processed by Processor on behalf of the Controller:

  • user content (Inputs): Any text, information, data, token or files, end to end encrypted, uploaded or submitted by the User to the Inference Service to be processed by the Underlying AI models hosted on our cloud. Processor does not access, store or analyze such contents;
  • generated content (Outputs): The results (text, images, files etc.) produced by the Underlying AI models in response to the User Inputs. Processor does not access, store or analyze such contents.

This agreement covers all types of personal data and categories of data subjects whose the above personal data belong.

4. Security of Processing

Pursuant to Article 32 of the GDPR, the Processor implements technical and organizational measures to ensure a level of security appropriate to the risk of processing, the security of personal data, and to prevent unauthorized processing or processing that does not comply with the purposes of this document.

Processor must assess the risks inherent in the processing activity entrusted to it by the Data Controller. The Controller will provide the Processor with all the information necessary to identify and assess such risks and implement measures to mitigate such risks.

Processor undertakes to:

  • adopt the technical and organizational measures referred to in Article 32 of the GDPR to ensure the confidentiality, integrity, and availability of the personal data processed;
  • provide the Controller with a description of the physical, technical, and organizational measures applied to the Processing;
  • establish and maintain a register of processing activities pursuant to Article 30 of the GDPR and make it available to the Controller upon request.

For the underlying infrastructure, the Processor adopts compliance with information security management system standards, and compliance with mandatory security and continuity regulations. Processor does not access, store or analyze the Personal Data.

The Processor’s security policies and procedures include, but are not limited to: management responsibilities, organizational and personnel controls, security training for all personnel and management, risk management, periodic audits, vendor security management, notifications and third parties, facility and data center controls, secure physical and logical access, business continuity, backup and disaster recovery, incident management, operational controls, maintenance and change, network security, secure development, monitoring and logging, encryption, anti-malware, threat intelligence, and data leakage prevention. For any further information please check our privacy policy or contact us.

5. Sub-Processors

Processor complies with the obligations set forth in Article 28 of the GDPR to potentially engage another data processor (hereinafter also “Sub-Processors”).

Processor shall not engage one or more Subcontractors (hereinafter also “Sub-Processors”) to perform the processing operations covered by the Agreement and this document without the written authorization of the Controller.

Processor undertakes to designate Subcontractors as Sub-Processors, who assume the same data protection obligations to which the Processor has committed under this agreement, by signing specific appointment agreements.

Processor shall maintain a list of Sub-Processors authorized by the Controller. The Processor undertakes to inform the Controller of any changes regarding the addition or replacement of other Sub-Processors, thus giving the Controller the opportunity to object to such changes.

Processor must notify the Controller of any failure by the Sub-Processors to fulfill its obligations under this agreement. The Processor is responsible for ensuring that the Sub-Processors complies with the obligations to which the Controller is subject under the GDPR.

Processor undertakes not to communicate, transfer, or share the Controller’s Personal Data with third parties, unless required by law and with prior notice to the Controller.

6. International Data Transfers

Personal Data are stored on servers located within the European Union.

If the Personal Data to in this document by the Controller must be transferred to countries outside the European Union, the Processor may transfer or process the data outside the European Union only with the written authorization of the Controller.

The Processor undertakes to limit the circulation and processing of Personal Data to countries within the European Union, prohibiting the transfer of data to non-EU countries that do not guarantee the adequate levels of protection required by the GDPR.

7. Rights of Data Subjects

Processor assists and supports the Controller with appropriate technical and organizational measures, to the extent possible, to fulfill the Controller’s obligation to respond to the data subject’s rights, within the context in which the Processor operates and under this Agreement, in compliance with the terms set forth in Article 12 of the GDPR.

8. Assistance to the Controller

Processor recognizes the Controller’s right to conduct checks, inspections, and audits, at the Controller’s expense, regarding compliance with this agreement and the processing of Personal Data.

Processor assists the Controller in ensuring compliance with the Controller’s obligation to notify the competent supervisory authority of a personal data breach (Data Breach) of this agreement without undue delay and, where possible, no later than 72 hours after the Controller becomes aware of the breach, pursuant to Article 33 of the GDPR. Processor must notify the Controller within 48 hours of the Controller becoming aware of a personal data breach (Data Breach) of this agreement, pursuant to Article 33 of the GDPR.

Processor assists the Controller, with respect to the Personal Data processed under this agreement, in ensuring, where applicable, compliance with the obligations relating to: the security of processing; to the communication of a personal data breach to the data subject pursuant to Article 34 of the GDPR; to the data protection impact assessment pursuant to Article 35 of the GDPR; to the prior consultation pursuant to Article 36 of the GDPR.

9. Term and Final Provisions

This appointment has the same duration as the Contract and, therefore, will terminate upon full fulfillment of the Contract. Therefore, processing must last no longer than is necessary for the purposes for which the Personal Data were collected.

Pursuant to the provisions of art. 82 of the GDPR, the Controller has the right to claim compensation from the Processor for damages in an amount corresponding to its share of liability for the damage.

The competent court is the Court of Milan, and the applicable law is Italian law.

January 2026