Boo

Boo Lab, Inc.

Terms of Service and Master Subscription Agreement

Version 0.2 • Last updated: June 5, 2026

This Master Subscription Agreement and Terms of Service (the Agreement) is between Boo Lab, Inc. and the customer that accepts it. It governs access to and use of Boo and related services. Part A contains the subscription terms that apply to the customer. Part B contains the individual user terms that apply to each person who uses Boo on the customer's behalf.

Part A. Subscription terms

Account creation, acceptance, and ownership

Anyone may create an account and start using Boo. You accept this Agreement by clicking to agree, completing signup, or accessing or using the Services. An enterprise customer may also accept by signing an Order Form that references this Agreement. You may create an account for an organization, such as your employer or company, or for yourself.

If you create or use an account for an organization, you represent that you have authority to bind that organization, and that organization is the Customer. If you do not have that authority, you are the Customer and you are personally responsible under this Agreement until the organization formally adopts the account. If you create an account for yourself, you are the Customer.

The first person to create an account for an organization creates that organization's account and may invite others to join as Authorized Users. Administration and ownership of an organization's account may later be claimed by, or transferred to, a verified owner or authorized representative of that organization, after which that owner controls the account. Boo may take reasonable steps to verify ownership before a transfer, may rely on the account's current administrators until then, and may pause or decline a transfer if organizational authority is disputed.

You must be at least 18 years old to create an account or use the Services. The Services are available to organizations and to individuals. The Services are not directed to children, and you must not allow anyone under 18 to use the Services.

Boo serves both self-service customers and enterprise customers under this same Agreement, so the same terms apply whether a customer signs up online or signs an Order Form. If a customer later signs an enterprise Order Form, the Order Form and this Agreement govern together, and the Order Form controls where it conflicts.

Agreement structure

This Agreement includes the applicable Order Form or online order record, this Master Subscription Agreement, the AI Terms of Use, the Privacy Policy, the Data Processing Addendum where applicable, the Security Addendum, the Usage, Billing, and Credits Terms, the Acceptable Use Policy, the Subprocessor and Model Provider Policy, and any other written addendum agreed by the parties. These documents are incorporated by reference.

Definitions

Affiliate means any entity that directly or indirectly controls, is controlled by, or is under common control with a party.

Account means the workspace or organization account created in the Services, including a self-service account created by the first user for an organization or for themselves.

Authorized User means an employee, contractor, agent, or other individual whom Customer authorizes to use the Services on Customer's behalf. For a self-service account, the individual who signs up is both the Customer and an Authorized User unless the account is administered by an organization.

Boo means the agentic AI coworker product provided by Boo Lab, Inc., including software, interfaces, connectors, workflows, skills, generated apps, automations, agents, tools, APIs, documentation, and related services.

Boo Technology means the Services, software, agents, orchestration, prompts, system instructions, evaluations, safety systems, connectors, APIs, model routing, user interface, documentation, templates, generic workflows, General Skills, Generalized Learnings, analytics, usage metering, and improvements. Boo Technology excludes Customer Data.

Confidential Information means non-public information disclosed by one party to the other that a reasonable person would understand to be confidential, including Customer Data, product plans, pricing, business plans, security information, technical information, and the terms of this Agreement.

Customer Data means all data, content, prompts, files, messages, code, database content, warehouse data, support tickets, documents, calendar data, email data, contacts, business records, personal data, outputs, generated reports, generated apps, private memories, Private Skills, and other information submitted to, accessed by, generated through, or processed by the Services for Customer. Customer Data does not include Boo Technology, even if Boo Technology is used to process, display, host, or generate Customer Data.

Customer-Approved Provider Setting means, where applicable, an admin control, clearly labeled and off by default, that a Customer affirmatively turns on to permit a specific data use by a specific model provider, such as permitting a provider to use Customer Data to improve or train that provider's models. The default for every model provider is no training on Customer Data. A Customer-Approved Provider Setting is a form of Explicit Approval and never takes effect without the Customer's affirmative action.

Explicit Approval means a clear and documented approval by Customer for a specific data use. Explicit Approval may be given in an Order Form, a separate written agreement, or an admin control that is clearly labeled for the approved use and turned on by the Customer. Ordinary use of the Services, feedback, support requests, or payment for the Services does not by itself create Explicit Approval.

General Skill means a reusable Boo capability, workflow, template, evaluator, rubric, method, or tool that does not contain or reveal Customer Data.

Generalized Learnings means non-identifying ideas, methods, know-how, workflows, templates, abstractions, evaluation criteria, quality improvements, model routing patterns, safety improvements, statistical insights, and product improvements learned from operating Boo, provided they do not contain Customer Data, are not derived from any single Customer in a way that reveals that Customer's confidential information, and do not reasonably identify Customer, any user, any individual, or any confidential Customer information.

Order Form means any ordering document, checkout, online subscription flow, invoice, statement of work, or other written or electronic ordering record accepted by Boo.

Private Skill means a Boo skill, workflow, memory, automation, template, report, app, or process created from or containing Customer Data, customer-specific examples, customer-specific corrections, customer-specific business rules, customer-specific code, or customer-specific operating context. Private Skills are Customer Data.

Services means Boo and all related products and services provided by Boo Lab, Inc.

Usage Charges means charges based on use of the Services, including model use, tokens, tool calls, compute, indexing, storage, embeddings, background jobs, public web retrieval, generated app hosting, connector activity, orchestration, and third-party service costs passed through or reflected in Boo pricing.

Access to the Services

Subject to this Agreement and the applicable Order Form, Boo grants Customer a limited, non-exclusive, non-transferable right to access and use the Services during the subscription term for Customer's own internal purposes, whether business or personal.

Authorized Users

Customer is responsible for its Authorized Users and for activity under Customer's accounts, tokens, credentials, integrations, and workspaces. Customer will ensure that Authorized Users comply with this Agreement.

Boo Lab team access for support and debugging

Boo Lab personnel may access Customer's environment solely to investigate, diagnose, and resolve issues reported by Customer or identified during support operations. All such access:

  1. requires an explicit internal access request and approval within Boo Lab before access is granted;
  2. is limited to the minimum number of personnel necessary to diagnose and resolve the issue;
  3. is limited to the minimum scope and duration necessary to diagnose and resolve the issue;
  4. is logged and subject to Boo Lab's internal access controls;
  5. is governed by the confidentiality obligations of this Agreement; and
  6. is not used to train AI models or to share Customer Data with other customers.

Boo Lab will notify Customer before accessing its environment. Where prior notice is not practicable due to urgency, Boo Lab will notify Customer promptly after access. Customer may request a log of access events through a support channel.

Source-system permissions and credentials

Boo accesses connected systems through tokens, API keys, credentials, accounts, scopes, and permissions provided or authorized by Customer. If a credential does not have access to a system, record, file, message, database table, repository, or other resource, Boo does not have access to that resource through that credential. Boo does not bypass source-system access controls.

Customer is responsible for configuring source-system permissions, token scopes, credential rotation, revocation, and connected system access policies.

How Boo acts on your behalf, and your responsibility for it

Boo carries out the instructions given by Customer and its Authorized Users, and acts within the access granted by the tokens, API keys, credentials, scopes, and permissions Customer connects. Customer decides what Boo can do by deciding what to connect, what scopes to grant, and what to instruct. Within that access, Boo does what it is asked to do.

Boo is not required to seek confirmation, give advance warning, create backups, or independently verify an instruction before acting, and Boo does not do so unless Customer has configured a feature that provides it. Customer is solely responsible for the instructions that Customer and its Authorized Users give, and for the results, including actions that are irreversible or destructive, such as deleting, overwriting, or modifying data, closing or changing records and tickets, sending messages or communications, changing code, and making or authorizing payments. Customer is responsible for maintaining its own backups and for granting only the access it intends Boo to have.

Customer should grant scopes and issue instructions carefully and should review Boo's work, especially before any external, irreversible, regulated, or otherwise significant action. Boo does not grant itself access or authority beyond what Customer configures. Where Boo provides approval flows, confirmation settings, permission controls, sandbox modes, spending caps, or other safeguards, Customer is responsible for configuring those controls for its intended use.

Public web and external information

Boo may access or use public web information and external sources when a task requires current, public, or third-party information, or when public retrieval is available within the Services. Customer may request special public web restrictions through an Order Form or supported admin control.

Restrictions

Customer will not use the Services in violation of the Acceptable Use Policy. Customer will not reverse engineer the Services, interfere with the Services, bypass usage limits, resell the Services except as expressly permitted, remove proprietary notices, or use the Services to build a competing AI model or agent platform using Boo Technology.

Customer Data ownership

As between the parties, Customer owns and controls Customer Data. Boo does not sell Customer Data. Customer grants Boo the limited rights necessary to process Customer Data to provide, secure, maintain, support, bill for, and improve the Services for Customer, to operate workspace memory and Private Skills for Customer, to comply with law, to enforce this Agreement, and to prevent abuse. Boo does not use Customer Data to improve the Services for other customers except through Generalized Learnings that contain no Customer Data.

No Customer Data training without approval

Boo will not use Customer Data to train foundation or generative AI models unless Customer gives Explicit Approval. Boo will require third-party model providers that process Customer Data for the Services to agree not to use Customer Data to train their models unless Customer gives Explicit Approval, including through a Customer-Approved Provider Setting. The default for every model provider is no training on Customer Data.

Inference, retrieval, and workspace memory

Boo may use Customer Data at inference time to answer questions, perform tasks, retrieve context, build indexes, create embeddings, generate summaries, run workflows, maintain private workspace memory, and improve Boo for that Customer. These activities are part of providing the Services and are not model training as used in this Agreement.

Your skills, templates, and content

Boo does not claim ownership of the skills, templates, workflows, memories, or other materials that Customer or its users create through the Services. Creating a Private Skill in Boo does not give Boo ownership of it, in the same way that creating a document or a custom template in office software does not give the software vendor ownership of the customer's document or template. Private Skills are Customer Data and are used only for that Customer unless Customer expressly chooses to share or publish them.

Boo retains ownership of the application, the generic and reusable capabilities it provides, and the General Skills and Generalized Learnings it builds, in the same way that an office software vendor owns its application and the generic templates it ships.

Outputs

Subject to Boo's ownership of Boo Technology and third-party rights, Customer owns outputs generated for Customer through the Services to the extent permitted by law. Boo assigns to Customer any rights Boo has in such outputs, excluding Boo Technology, General Skills, Generalized Learnings, generic components, reusable templates, platform code, and third-party materials.

Because AI systems can generate similar or identical outputs for different users, Customer's ownership of an output does not prevent Boo or other customers from independently generating or using similar outputs.

Customer is responsible for reviewing outputs for third-party rights, licensing restrictions, accuracy, security, compliance, and suitability before publication, distribution, deployment, or commercial use.

Boo Technology ownership

Boo and its licensors retain all rights in Boo Technology. No rights are granted except as expressly stated in this Agreement. Customer Data is excluded from Boo Technology.

General Skills and Generalized Learnings

Boo may create, use, modify, commercialize, transfer, and improve General Skills and Generalized Learnings. General Skills and Generalized Learnings must not contain or reveal Customer Data, must not be derived from any single Customer in a way that reveals that Customer's confidential information, and must not reasonably identify Customer, any user, or any individual. Boo applies internal controls designed to keep this boundary effective, including measures so that general capabilities reflect non-identifying methods rather than the specific content, records, or confidential processes of any one Customer. Private Skills remain customer-specific unless Customer expressly chooses to share or publish them.

Feedback

Customer may provide suggestions, comments, or feedback. Boo may use feedback without restriction or compensation, provided Boo does not use Customer Data in a manner prohibited by this Agreement.

Fees and Usage Charges

Customer will pay all fees and Usage Charges described in the Order Form, pricing page, usage dashboard, or invoice. Usage Charges may vary based on models, tasks, connectors, compute, storage, background jobs, web retrieval, app hosting, third-party services, and other usage factors. The Usage, Billing, and Credits Terms apply.

Model optimization and cost control

Boo may route tasks among models, tools, infrastructure, and service providers based on quality, latency, cost, availability, safety, and task requirements. Boo may use lower-cost models or tools when Boo determines they are suitable for the task. Boo does not guarantee a specific model unless an Order Form states otherwise.

Credits and payment method

Boo may require Customer to maintain prepaid credits, a valid payment method, or both. If Customer's credits are exhausted, payment method fails, or account becomes delinquent, Boo may suspend or stop some or all Services until credits are replenished or a valid payment method is added.

Invoicing

Unless an Order Form states otherwise, Boo may invoice monthly in arrears for Usage Charges and other fees, or charge a payment method at the time of usage or recharge for self-service accounts. Customer will pay undisputed invoices within the payment period stated in the Order Form or, if no period is stated, within 15 days after invoice date.

Taxes

Fees are exclusive of taxes. Customer is responsible for taxes, duties, levies, and similar assessments, except taxes based on Boo's net income.

Billing disputes

Customer must notify Boo of a billing dispute within 15 days after invoice date and must describe the disputed amount and reason. Undisputed amounts remain payable.

Security

Boo will maintain administrative, technical, and physical safeguards designed to protect Customer Data as described in the Security Addendum. Customer is responsible for its own systems, credentials, network, endpoints, connected services, access scopes, and user administration.

Data processing

If Boo processes personal data on behalf of Customer, the Data Processing Addendum applies.

Regulated data. Customer must not use the Services to process protected health information, payment card data subject to PCI DSS, government classified information, export-controlled technical data, or other regulated data requiring special contractual terms unless Boo has expressly agreed to that use in an Order Form or signed addendum.

Subprocessors and model providers

Boo may use subprocessors and model providers as described in the Subprocessor and Model Provider Policy. Boo will require subprocessors and model providers to protect Customer Data through appropriate contractual obligations.

Confidentiality

Each party will protect the other party's Confidential Information using reasonable care and at least the same care it uses to protect its own similar confidential information. A receiving party may use Confidential Information only to perform under this Agreement and may disclose it only to personnel, affiliates, advisors, contractors, subprocessors, and service providers who need to know it and are bound by confidentiality obligations.

Confidential Information does not include information that is public without breach of this Agreement, known by the receiving party without confidentiality obligation, independently developed without use of Confidential Information, or rightfully received from a third party without confidentiality obligation.

A receiving party may disclose Confidential Information when required by law, subpoena, court order, or government authority, provided it gives notice when legally permitted and cooperates with reasonable protective efforts.

Warranties

Each party represents that it has authority to enter into this Agreement. Boo warrants that it will provide the Services in a professional manner consistent with this Agreement.

AI output disclaimer

Customer understands that AI output may be inaccurate, incomplete, outdated, non-unique, unsafe for a particular use, or unsuitable for Customer's needs. Customer is responsible for evaluating outputs and deciding how to use them.

Disclaimer

Except as expressly stated, the Services are provided as is and as available. Boo disclaims all warranties to the maximum extent permitted by law, including implied warranties of merchantability, fitness for a particular purpose, non-infringement, uninterrupted operation, and error-free operation.

Indemnification by Boo

Boo will defend Customer against third-party claims alleging that Boo Technology infringes intellectual property rights and will pay damages finally awarded or settlements approved by Boo. Boo has no obligation for claims arising from Customer Data, Customer instructions, modifications not made by Boo, combination with items not provided by Boo, or use outside this Agreement.

Indemnification by Customer

Customer will defend Boo against third-party claims arising from Customer Data, Customer's use of the Services in violation of this Agreement, Customer's connected systems, Customer's credentials, or Customer's violation of law, and will pay damages finally awarded or settlements approved by Customer.

Limitation of liability

Except for excluded claims, each party's total liability under this Agreement will not exceed the amounts paid or payable by Customer to Boo under this Agreement, including any Order Form, during the 12 months before the event giving rise to liability.

The limitation of liability does not apply to payment obligations, misuse of intellectual property, indemnification obligations, or liability that cannot be limited by law.

For confidentiality breaches and data security incidents, each party's total liability will not exceed the greater of two times the amounts paid or payable by Customer to Boo during the 12 months before the event giving rise to liability or $100,000, unless an Order Form states otherwise.

Neither party will be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, lost revenue, lost goodwill, or business interruption, even if advised of the possibility.

Term

This Agreement begins on the effective date of the first Order Form or the date Customer first accepts it online, and continues until all Order Forms expire or are terminated, or until the self-service account is closed.

Suspension and termination

Either party may terminate this Agreement or an Order Form for material breach if the breach is not cured within 30 days after written notice. Boo may suspend or terminate access immediately for security risk, violation of the Acceptable Use Policy, legal requirement, payment failure, or use that risks harm to Boo, Customer, users, third parties, or the Services. Where the reason for suspension is not an emergency and does not require immediate action by law, Boo will provide notice and a reasonable opportunity to cure before suspending an enterprise account.

Effect of termination

Upon termination, Customer's right to use the Services ends. Customer will pay all fees and Usage Charges incurred through the effective date. Boo will handle Customer Data according to the Data Processing Addendum, retention settings, and applicable law.

Changes to these terms

Boo may update this Agreement and the incorporated policies from time to time. For self-service accounts, updates take effect when posted or on the date stated, and continued use after the effective date is acceptance. For an enterprise customer with a paid subscription term under an Order Form, Boo will not make changes to this Agreement or the incorporated policies that materially reduce the security, privacy, or data protection commitments applicable to that customer during the paid term, except where required by law or agreed by the parties. Boo will provide reasonable notice of material changes.

Export and compliance

Customer will comply with all applicable laws, including export controls, sanctions, privacy laws, anti-corruption laws, and industry-specific obligations.

Assignment and business transfers

Customer may not assign this Agreement without Boo's prior written consent, except to an affiliate or successor in connection with a merger, reorganization, or sale of substantially all assets if the assignee agrees to be bound by this Agreement.

Boo may assign this Agreement to an affiliate or successor in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction. Any successor that receives Customer Data must handle Customer Data subject to this Agreement unless Customer agrees otherwise. Boo Technology, General Skills, Generalized Learnings, de-identified data, aggregated data, service improvements, and other non-Customer Data assets may be transferred as Boo assets.

Governing law and venue

This Agreement is governed by the laws of the jurisdiction stated in the Order Form. If no jurisdiction is stated, this Agreement is governed by the laws of the State of Delaware, without regard to conflict of law rules, and the state and federal courts located in Delaware will have exclusive jurisdiction, except that either party may seek injunctive relief in any court of competent jurisdiction.

Notices

Notices must be sent to the addresses or electronic notice channels stated in the Order Form or account. Boo may provide operational notices through the Services, email, admin console, or billing portal.

Force majeure

Neither party is liable for delay or failure caused by events beyond its reasonable control, including natural disasters, war, terrorism, labor disputes, cloud provider failures, internet failures, government action, and widespread outages.

Order of precedence

If documents conflict, the order of precedence is: the Order Form, any signed addendum, the Data Processing Addendum for privacy and data protection matters, the Security Addendum for security matters, the AI Terms of Use for AI-specific matters, this Master Subscription Agreement, and then the other incorporated policies, except where an Order Form or signed addendum expressly states a different order for a specific issue.

Entire agreement

This Agreement is the entire agreement between the parties regarding the Services and supersedes prior or contemporaneous agreements on that subject.

Part B. Individual user terms

This Part B applies to each individual who accesses or uses Boo on behalf of a customer. If you use Boo for your employer or another organization, that organization is the Customer and you are an Authorized User. If you signed up for a self-service account for yourself, you are both the Customer and an Authorized User.

Authorization

You may use Boo only if you are authorized by Customer and only for Customer's internal business purposes. You must follow Customer's policies and instructions.

Account responsibility

You are responsible for activity through your account, sessions, tokens, credentials, and connected services. You must protect credentials and promptly report suspected compromise to Customer or Boo.

Connected systems

Boo can access connected systems only through the permissions, scopes, tokens, API keys, and credentials that Customer or you provide. If those credentials do not have access, Boo does not have access.

AI output

Boo can generate analyses, recommendations, drafts, code, apps, reports, messages, summaries, and other outputs. Outputs may be inaccurate, incomplete, outdated, non-unique, or unsuitable. You are responsible for evaluating outputs before relying on them or sharing them.

Actions

Boo carries out the instructions you and Customer give it, within the access your connected credentials allow. Boo is not required to confirm, warn, back up, or verify before acting. You are responsible for the instructions you give and for the results, including irreversible actions such as deleting or modifying data, sending messages, changing code, or making payments. Grant access carefully, keep your own backups where it matters, and review Boo's work before any significant action. Customer controls which systems, scopes, and permissions are made available to Boo.

Customer Data

As between Boo and Customer, Customer owns and controls Customer Data. Boo will not use Customer Data to train foundation or generative AI models unless Customer gives Explicit Approval under the customer agreement.

Restrictions

You must not use Boo to violate law, harm others, access data without authorization, bypass security controls, exfiltrate data, send spam, create malware, infringe rights, harass others, or violate the Acceptable Use Policy. You must not reverse engineer Boo or use Boo to build a competing AI model or agent platform.

Generated code and apps

You are responsible for testing, security review, license review, accessibility review, compliance review, and deployment decisions.

Feedback

You may provide feedback. Boo may use feedback as described in the customer agreement, provided Boo does not use Customer Data in a prohibited way.

Suspension

Boo or Customer may suspend your access for security, legal, operational, policy, payment, or abuse reasons.

Updates

Boo may update, modify, add, or remove features from time to time. Some features may be beta or preview features.

No warranty

Boo is provided as is and as available except as expressly stated in the customer agreement. Boo disclaims warranties to the maximum extent permitted by law.

Limitation

To the maximum extent permitted by law, Boo's liability to you is limited as stated in the customer agreement.

Relationship to the customer agreement

If this Part B conflicts with the agreement between Boo and Customer, that customer agreement controls.