Capydox Terms of Service
Terms and conditions governing the use of Capydox (web and desktop app), subscription plans, responsibilities and data processing, mainly aimed at professional/B2B use.
Last updated: May 21, 2026
Capydox Terms of Service
Last updated: 21/05/2026
This document sets out the terms and conditions (the "Terms") that govern access to and use of Capydox, including the web platform and the desktop application (together, the "Service").
By registering, accessing or using the Service, you agree to be bound by these Terms. If you use Capydox on behalf of a company or organization, you represent and warrant that you have the authority to bind such entity to these Terms.
1. Provider identity and scope
Capydox is a service provided by a self-employed professional operating under the trade name Capydox (in this document, "Capydox", "we" or the "Provider"), with professional address in Spain. Full identification and contact details are set out in the Legal Notice available on the website.
These Terms apply to:
- Browsing and using the Capydox website.
- Using the platform as a SaaS service (web) and the desktop application that connects to a cloud account.
- Access to the Service by end users authorised by a customer company or organization.
If there is any conflict between these Terms and any specific agreement signed between Capydox and a customer (for example, an Enterprise agreement), the specific agreement will prevail to the extent that it is more specific.
2. Basic definitions
For the purposes of these Terms:
- Customer: the natural or legal person who subscribes to a Capydox plan and assumes the payment obligations and compliance with these Terms.
- Organization: the main account or space associated with the Customer, from which workspaces, teams and users are managed.
- User or Authorised User: the natural person who accesses the Service through an individual account linked to the Customer or its Organization.
- Workspace: a working environment within Capydox associated with an Organization or User, where collections, documentation, evidence and other content are stored.
- Customer Content: any information, data, file, collection, OpenAPI specification, evidence, documentation or material that the Customer or its Users upload, import or generate within the Service.
3. Account registration and eligibility
To use Capydox as a SaaS product you must create a user account and accept these Terms.
- The account is personal and non-transferable. Users must keep their credentials confidential and must not share them with third parties.
- The Service is mainly intended for professional or business use (B2B). By accepting these Terms you confirm that you use Capydox in the course of your professional or business activity or under the responsibility of an organization.
- Capydox may offer sign-in through external providers (for example Google, GitHub or Microsoft) or enterprise SSO via OIDC/SAML configured by the Customer.
The Customer is responsible for:
- The accuracy and up-to-date nature of the data provided during registration.
- Any activity carried out through the accounts of its Authorised Users.
Capydox reserves the right to suspend or cancel accounts where it detects uses that are contrary to these Terms, to good faith or to applicable law.
4. Plans, subscriptions and free trials
Capydox offers different plans, which may include monthly and annual options, as well as additional features (for example team collaboration, SSO, higher storage or more workspaces).
In some plans Capydox may offer free trial periods. In that case:
- The duration of the trial and the features included will be specified.
- Unless stated otherwise, at the end of the trial the subscription will automatically convert into a paid plan as selected.
- The Customer may cancel the subscription before the end of the trial period in order to avoid charges.
The current features of each plan (including any usage limits, where applicable) are shown on the website or in the Service pricing page.
5. Prices, billing and renewals
Plan prices are shown on the website or during the checkout flow, and may include or exclude taxes as indicated.
- Payments, billing, checkout and the customer portal are provided through third-party providers such as Stripe or equivalent services, which act as data processors where applicable.
- By subscribing to a paid plan, the Customer authorises Capydox and the payment provider to charge the recurring fees associated with the subscription.
- Subscriptions automatically renew at the end of each billing period (monthly or yearly), unless the Customer cancels beforehand.
Unless expressly stated otherwise:
- Capydox does not offer refunds for already billed periods, whether in full or in part, even if the Customer stops using the Service before the end of the billing term.
- The Customer may cancel future renewals at any time from the account panel or by following the instructions provided, keeping access to the Service until the end of the period already paid for.
Where the Service is used solely in a professional/B2B context, consumer protection rules will only apply to the extent required by mandatory law.
6. Acceptable use of the Service
The Customer and its Users agree to use Capydox diligently, lawfully and in accordance with these Terms.
The following behaviours are prohibited, among others:
- Using the Service for unlawful purposes or in ways that infringe third-party rights.
- Attempting to gain unauthorised access to systems or data belonging to other customers or to Capydox.
- Uploading or distributing malicious code, malware, exploits or content that may damage the security or stability of the Service.
- Using Capydox to carry out brute-force attacks, large-scale vulnerability scans or any activity that may be considered network abuse.
Capydox may set reasonable usage limits per plan (for example number of workspaces, collections, storage or documentation generation), which will be indicated on the pricing page or in the product documentation. Once published, such limits will form part of these Terms.
Capydox may temporarily suspend an account or workspace where it detects use that compromises the security or stability of the Service or seriously breaches these Terms, while informing the Customer where reasonably possible.
7. Desktop application (Capydox Desktop)
Capydox provides a desktop application based on Electron that connects to the cloud Service.
- To use Capydox Desktop as a SaaS product an online account and authentication against Capydox servers are required.
- The desktop app can be used to generate OpenAPI specifications from the project code locally; the analysed code is not sent to Capydox unless the User chooses to upload the generated specification or other resulting artefacts.
- The application may store certain technical data locally (for example temporary scan artefacts, window preferences, embedded browser session or local configuration).
- The Capydox Desktop installer is distributed from the Capydox website and, where applicable, through official stores such as Microsoft Store.
Capydox Desktop may periodically connect to:
- Check for updates.
- Download new versions or security patches.
- Verify the subscription status associated with the account.
Capydox does not bundle third-party analytics or crash-reporting SDKs in the desktop application that send detailed telemetry by default, without prejudice to the minimal logging necessary for operation, security and updates.
8. Intellectual property and Customer Content
Capydox retains all intellectual and industrial property rights over the software, platform, brand and any elements related to the Service that are not Customer Content.
The Customer retains all rights over the Customer Content uploaded, imported or generated within Capydox.
By using the Service, the Customer grants Capydox a limited, non-exclusive and revocable licence to store, process and display Customer Content solely to the extent necessary to provide the Service, offer support and comply with applicable legal obligations.
The Customer represents and warrants that:
- It holds all rights and authorisations necessary to upload and process Customer Content in Capydox.
- Customer Content does not infringe third-party rights or applicable law.
9. Privacy and data protection
The processing of personal data arising from the use of the Service is governed by the Capydox Privacy Policy and, where Capydox acts as data processor on behalf of the Customer, by the applicable Data Processing Agreement (DPA).
Among other aspects, the Privacy Policy describes:
- Which personal data are collected and for what purposes.
- Which legal bases justify each processing activity.
- Which third parties act as processors or sub-processors (for example hosting, database, email and payment providers).
- Which security measures Capydox applies, including encryption in transit and at rest for sensitive workspace data.
The Customer is responsible for complying with its own data protection obligations (for example informing its own users or clients, obtaining necessary consents and properly configuring permissions within workspaces).
10. Sub-processors and third-party services
To operate the Service, Capydox uses external providers that may process personal data on the Customer's behalf (for example Stripe, Resend, Supabase, Railway, Vercel, analytics tools, binary storage and social login or SSO providers).
The up-to-date list of sub-processors, together with a description of their main roles, is made available in the legal documentation or in an annex to the DPA.
Capydox undertakes to sign appropriate agreements with these providers as required under applicable data protection law and to ensure that they offer sufficient guarantees in terms of security and confidentiality.
11. Service availability, maintenance and support
Capydox will use reasonable efforts to keep the Service stable and secure.
- Specific conditions regarding service levels, response times and any credits are described in the Service Level Agreement (SLA) published in the legal section.
- Capydox may carry out scheduled maintenance that involves temporary interruptions, seeking to do so at low-impact times and providing notice where reasonably possible.
Technical support is provided through the channels indicated on the website or within the application itself (for example email or ticketing system), with the scope and hours specified for each plan.
12. Changes to the Service and Terms
Capydox may introduce improvements, changes or new features in the Service, as well as remove features that have become obsolete or are no longer reasonably viable.
When changes materially affect commercial or usage conditions:
- Capydox will notify the Customer with reasonable advance notice by email or in-app notice.
- If the Customer does not agree with the new Terms, it may cancel the subscription before the effective date of the changes.
The current version of these Terms will always be available on the Capydox website, indicating the last update date.
13. Liability and disclaimer of warranties
Use of the Service is at the Customer's own risk, who must assess whether Capydox meets its requirements.
To the maximum extent permitted by applicable law:
- Capydox provides the Service on an "as is" and "as available" basis, without warranties of uninterrupted operation, error-free performance or complete security.
- Capydox will not be liable for indirect damages, loss of profits, loss of data or damages arising from breaches by the Customer, third parties or from improper configuration of the Customer's systems.
Nothing in these Terms excludes or limits any liability that cannot be excluded or limited under applicable law.
Where the Service is used in a consumer context subject to mandatory rules, the limitations of liability and warranties will be interpreted in a way that is compatible with such rules.
14. Termination and effects of cancellation
Either party may terminate the relationship in the following cases:
- By decision of the Customer, cancelling the subscription or deleting its account as described in the platform.
- For material and repeated breach of these Terms by the Customer, its Users or Capydox, once the breach has been notified and, where applicable, after a reasonable cure period.
Upon termination of the contractual relationship:
- The Customer's access to the Service will be deactivated, in whole or in part, as appropriate.
- Capydox will retain data for the periods necessary to comply with legal and security obligations, after which it will delete or anonymise them as set out in the Privacy Policy.
- The Customer is responsible for exporting or downloading any Customer Content it wishes to keep before the effective cancellation date.
15. Governing law and jurisdiction
These Terms are governed by Spanish law, without prejudice to any mandatory consumer protection rules that may apply in specific cases.
Unless otherwise required by law, any dispute relating to the interpretation or performance of these Terms will be submitted to the competent courts at the Provider's or the Customer's domicile, as applicable and in accordance with procedural rules.
16. Contact
For any questions regarding these Terms or the Service, you may contact Capydox using the details provided in the Legal Notice and in the contact section of the website.