Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.spitshake.io/llms.txt

Use this file to discover all available pages before exploring further.

Draft pending counsel review. Material synthesized from public competitor terms (DocuSign, Dropbox Sign, PandaDoc) and authoritative framework sources. Not legal advice. Do not rely on as a final contract until this banner is removed.
These Terms of Service (“Terms”) govern your use of the SpitShake service (“Service”) provided by IVERIFI, LLC, a Connecticut limited liability company doing business as SpitShake and wholly owned by ADS CORP (“Provider”, “we”, “us”). By creating an account, accessing the Service, or executing an order form referencing these Terms, you (on behalf of the organization you represent — “Tenant”, “you”) agree to be bound by these Terms.

1. Definitions

  • Tenant: the organization that subscribes to the Service.
  • Tenant Authorized User: an individual — typically an employee, contractor, or consultant of Tenant — permitted to access the Service using Tenant’s account.
  • Signer: an individual invited by Tenant (or by another Signer on Tenant’s behalf) to execute a document through the Service. A Signer is not a party to these Terms; the relevant agreement between Signer and Tenant is the document being signed and any separate Tenant terms.
  • Identity-Bound Session: a Signer session opened with a cryptographically signed handoff token provided by Tenant after Tenant has verified Signer’s identity through its own identity-verification flow.
  • Handoff Token: the signed token referenced above.
  • Relay Verification: identity verification performed by a third party (for example, Stripe Identity) under Tenant’s relationship with that third party, the result of which is conveyed to Provider through the Handoff Token.
  • Audit Certificate: the cryptographically chained audit record Provider generates alongside each executed document.
  • Content: documents, field values, metadata, and other material uploaded, entered, or transmitted by Tenant or Signers.

2. Acceptable use

Your use of the Service is subject to our Acceptable Use Policy, which is incorporated by reference. Uploading Protected Health Information (PHI) is prohibited unless a Business Associate Agreement is in force between Tenant and Provider.

3. Accounts and authentication

  • Each Tenant Authorized User must have their own login. Credentials are not shareable. A Tenant is responsible for all activity taken under its account.
  • Multi-factor authentication is mandatory for Tenant Authorized Users with administrative privileges, and is strongly encouraged for all other seats.
  • Tenant is solely responsible for custody of any handoff-signing keys issued for Identity-Bound Signing. Compromise of a handoff-signing key is Tenant’s responsibility; rotate immediately via the rotation endpoint and notify Provider.
  • Tenant must notify Provider within 48 hours of becoming aware of unauthorized access to its account. Notice goes to security@spitshake.io.

4. Content and license grants

  • Your content stays yours. Tenant retains all right, title, and interest in Content uploaded to the Service.
  • License to operate. Tenant grants Provider a worldwide, non-exclusive, royalty-free license to host, store, reproduce, transmit, display, modify (solely to render, deliver, and secure), and create technical derivatives (thumbnails, encrypted versions, flattened signed PDFs, audit artifacts) of Content solely as necessary to provide the Service and to meet legal obligations. The license includes transmission to Relay Verification providers where Identity-Bound Signing is used. The license is limited to the purposes described and ends when Tenant deletes Content, except as described in the next paragraph.
  • Audit-chain carve-out. Provider will retain the Audit Certificate and its associated cryptographic chain after termination of the Terms or deletion of Content, for a period of seven (7) years from the date of the underlying executed document. This retention is necessary to preserve the legal defensibility of Tenant’s already-executed documents under ESIGN, UETA, and eIDAS. Retained audit material is pseudonymized where re-identification is not required.
  • No AI training, no sale. Provider does not use Content to train machine-learning or artificial-intelligence models for its own or any third party’s benefit, and does not sell Content or personal data contained in it. See the Privacy Policy for additional commitments on this point.

5. Service availability

The Service is provided AS IS and AS AVAILABLE. Provider does not commit to a specific uptime target in these Terms. Downtime attributable to any of the following is not a breach of these Terms: scheduled maintenance; emergency security patching; force-majeure events (§ 15); outages of Tenant’s identity provider or signing-key infrastructure; outages of third-party identity-verification or time-stamping providers; or misconfiguration of IP allowlists, SSO, or similar Tenant-controlled settings.

6. Fees, renewal, and cancellation

  • Fees are as stated in the order form or subscription confirmation.
  • Auto-renewal. Subscriptions renew automatically for successive periods equal to the initial term unless cancelled in writing at least 30 days before the end of the then-current term.
  • Cancellation. Tenants may cancel a new paid subscription within 30 days of first payment for a full refund, provided the Service was not materially used. After 30 days, fees are non-refundable except as required by law.
  • Seat true-up. Tenant will be invoiced for additional Tenant Authorized Users added during a term on a pro-rata basis. Enterprise plans that include a Business Associate Agreement cannot be pro-rated down mid-term.

7. Warranty disclaimers

Except as expressly stated in § 8, the Service is provided without warranty of any kind, express or implied. Provider disclaims the warranties of merchantability, fitness for a particular purpose, title, non-infringement, accuracy, and any warranty arising from course of dealing or usage of trade.

8. Affirmative warranty — audit-chain integrity

Provider warrants that the Audit Certificate and its associated cryptographic chain, as produced by the Service, are generated using SHA-256 hashing in an append-only manner enforced at the database level, and are linked to an RFC 3161-compliant trusted timestamp. This warranty covers the cryptographic production of the audit artifact; it does not warrant the correctness of Content you supplied, or the correctness of any Relay Verification performed by a third party (see § 9).

9. Identity-bound signing — allocation of responsibility

Provider operates as an execution engine, not an identity provider. Where Identity-Bound Signing is used:
  • Tenant is responsible for determining who the Signer is, for the accuracy of any verified-name claim conveyed in the Handoff Token, and for the security of the handoff-signing key.
  • Provider’s role is limited to verifying the Handoff Token’s authenticity, freshness, and audience; applying the verified name to the signature and initial fields of the document in a way the Signer can review before executing; and binding the token reference into the Audit Certificate.
  • Disputes between a Signer and a Relay Verification provider (for example, Stripe Identity) are between those parties under that provider’s own terms. Provider does not warrant the correctness of a Relay Verification outcome.

10. Limitation of liability

To the maximum extent permitted by law, Provider’s total aggregate liability arising out of or relating to these Terms — whether in contract, tort (including negligence), or otherwise — is limited to the greater of (a) the fees Tenant paid Provider in the 12 months preceding the event giving rise to the claim, or (b) US$100. Neither party is liable for indirect, incidental, consequential, special, or punitive damages, or for lost profits, revenue, goodwill, or data, even if advised of the possibility of such damages. The cap in this § 10 does not apply to: (i) Tenant’s obligations in §§ 3 (accounts), 11 (indemnification), or the AUP; (ii) either party’s breach of confidentiality; or (iii) claims arising from (x) a compromised handoff-signing key under Tenant’s control, (y) upload of PHI in the absence of an active BAA, or (z) gross negligence or willful misconduct. Tenant’s liability to Provider for the matters listed in (iii) is uncapped.

11. Indemnification

  • Provider will defend, indemnify, and hold harmless Tenant from third-party claims alleging that the Service itself (excluding Content) infringes a U.S. copyright, trademark, or patent, and will pay the settlements and judgments a court finally awards in such claims, subject to the cap in § 10.
  • Tenant will defend, indemnify, and hold harmless Provider from third-party claims arising out of (a) Content Tenant uploads or causes to be processed, (b) a dispute between a Signer and Tenant or between a Signer and a Relay Verification provider, or (c) Tenant’s breach of these Terms or the AUP.
  • HIPAA mutual indemnity. Where a BAA is in force, each party will indemnify the other for HIPAA violations caused by its own breach of the BAA.
  • Process. The indemnified party will give prompt notice, tender defense control to the indemnifying party, and cooperate reasonably. The indemnifying party will not settle on terms that impose an obligation on the indemnified party without the indemnified party’s consent.

12. Term and termination

  • Term. These Terms are effective on acceptance and continue until terminated.
  • Termination for convenience. Tenant may terminate for convenience as of the end of the current subscription period by written notice at least 30 days before renewal.
  • Termination for cause. Either party may terminate for material breach not cured within 30 days of written notice. Provider may suspend or terminate immediately for the serious breaches listed in the AUP.
  • Export window. For 60 days after termination, Tenant may export Content through the standard export interfaces. After 60 days, Content will be deleted from primary systems; audit-chain material is retained per § 4.

13. Governing law and disputes

  • Governing law. These Terms are governed by the laws of the State of Connecticut, without regard to conflict-of-laws rules.
  • Binding arbitration. Any dispute arising out of or relating to these Terms will be finally resolved by binding individual arbitration administered by JAMS under its Comprehensive Arbitration Rules, seated in Hartford, Connecticut (or another seat the parties agree to in writing). Judgment on the award may be entered in any court of competent jurisdiction.
  • Class-action + PAGA waiver. To the maximum extent permitted by law, the parties waive any right to bring claims on a class, collective, or representative basis, and waive any right to act as a private attorney general.
  • 30-day opt-out. A consumer Tenant may opt out of this arbitration and class-action waiver by emailing legal@spitshake.io within 30 days of account activation, with the subject line “Arbitration Opt-Out” and the Tenant’s account identifier. Opt-out affects only the individual Tenant that sent the notice.
  • Injunctive relief carve-out. Nothing prevents either party from seeking interim injunctive relief in court to protect intellectual-property rights or confidential information.

14. DMCA

Provider registers a designated agent under 17 U.S.C. § 512(c)(2). Notices of alleged copyright infringement should be sent to the designated agent at dmca@spitshake.io. Counter-notice and repeat-infringer procedures follow 17 U.S.C. § 512 and Provider’s internal policy. Tenants are required to cooperate in takedowns of infringing Content uploaded through their account.

15. Force majeure

Neither party is liable for failure or delay caused by events beyond its reasonable control, including acts of God, war or terrorism, civil disturbance, pandemic, government action, internet or DNS outages, certificate-authority outages, or outages of third-party Relay Verification or time-stamping services. If a force-majeure event continues for more than three (3) months, either party may terminate these Terms by written notice.

16. Export compliance and sanctions

Tenant represents that it is not, and will not use the Service on behalf of any person that is, (a) listed on any U.S. government sanctions list (OFAC SDN, Non-SDN Palestinian Legislative Council, Sectoral Sanctions Identifications, etc.), or (b) located in a jurisdiction subject to a comprehensive U.S. embargo (as of the date of these Terms, that list includes Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine). Tenant will flow this restriction down to its Signers.

17. Modifications

Provider may update these Terms from time to time. Material changes will be notified by email to Tenant’s registered admin contact and posted on this page. For Tenants on an active paid term, material changes take effect on the next renewal; for BAA-tier Tenants, material changes affecting PHI handling will be proposed at least 30 days in advance. Continued use of the Service after the effective date constitutes acceptance.

18. E-signature enforceability — affirmative recitation

The parties expressly acknowledge and agree that:
  • An electronic signature executed through the Service has the same legal effect as a handwritten signature under the U.S. ESIGN Act (15 U.S.C. § 7001 et seq.) and applicable state UETA law, and qualifies as at least a Simple or Advanced Electronic Signature under eIDAS Article 25.
  • The Audit Certificate produced by the Service — containing the document hash, an RFC 3161 trusted timestamp, a chained record of signer activity, and where applicable the reference to a Relay Verification Handoff Token — is admissible evidence of the execution.
  • Consumer Signers are presented with the disclosure required by ESIGN § 101(c) before any electronic signature is captured; the Provider retains evidence of that presentation and affirmative acceptance.

19. Miscellaneous

  • Entire agreement. These Terms, together with the AUP, Privacy Policy, DPA, and any executed BAA or order form, form the entire agreement between the parties and supersede prior understandings on the same subject matter.
  • No waiver. Failure to enforce a provision is not a waiver.
  • Severability. If a provision is found unenforceable, the remainder stays in effect.
  • Assignment. Neither party may assign these Terms without the other’s consent, except to a successor in a merger or sale of substantially all assets.
  • Notices. Notices to Provider go to legal@spitshake.io. Notices to Tenant go to the registered admin contact email.
  • No implied partnership. These Terms do not create a partnership, joint venture, agency, or employment relationship.
Service provided by IVERIFI, LLC d/b/a SpitShake (a Connecticut limited liability company wholly owned by ADS CORP). Last updated: 2026-04-19.