IANS MCP POC Terms
BY CLICKING “ACCEPTANCE”, CHECKING THE ACCEPTANCE BOX OR ACCESSING THE DATA IN ANY MANNER, THE ENTITY OR INDIVIDUAL DOING SO (“LICENSEE”) AGREES TO BE LEGALLY BOUND BY ALL TERMS AND CONDITIONS OF THIS DATA AGREEMENT. IF YOU DO NOT AGREE, DO NOT ACCESS OR USE THE DATA.
1. Parties and Effective Date
This Data License Data Agreement (the “Data Agreement”) is entered into as of the date Licensee first accepts these terms (the “Effective Date”) by and between: IANS: Institute for Applied Network Security, LLC, a Massachusetts limited liability company (“IANS” or “Company”); and Licensee: the business entity identified during the account registration or order process (“Licensee” or “Client”). Each of IANS and Licensee is a “Party” and together the “Parties.” This Data Agreement is governed by and made a part of the Master Services Agreement previously entered into by IANS and the undersigned Client and shall be considered an Order Form as defined in the Master Services Agreement; provided, however, that in the event of a conflict between the Master Services Agreement and the terms and conditions below, this Data Agreement shall prevail. Licensee also agrees that the terms located at https://www.iansresearch.com/terms-of-service apply to this Data Agreement.
2. Definitions
2.1 “Data” means the IANS practitioner intelligence, market intelligence, industry research, benchmarks, analytics, datasets, reports, and related content made available by IANS to Licensee under this Data Agreement, including all updates, supplements, and derivative compilations provided by IANS.
2.2 “Authorized Users” means current employees and contractors of Licensee who have a legitimate business need to access the Data solely for Licensee’s Internal Business Purposes, and who have agreed to confidentiality obligations at least as protective as those in this Data Agreement.
2.3 “Internal Business Purposes” means use of the Data exclusively within Licensee’s own organization for Licensee’s own business analysis, strategic planning, and decision-making. For the avoidance of doubt, Internal Business Purposes exclude any use that benefits a third party or any redistribution, resale, sublicensing, or commercialization of the Data.
2.4 “Derivative Work” means any analysis, report, summary, visualization, model output, or other material that incorporates, is derived from, or substantially references the Data.
2.5 “AI / ML Training” means using the Data as input to train, fine-tune, pre-train, or otherwise develop any public machine learning model, large language model, neural network, or artificial intelligence system.
2.6 “Synthetic Data” means data that is artificially generated by computational means (including generative AI) to mimic statistical properties of the Data.
2.7 “Autonomous Agent” means any software, bot, robotic process, AI-powered automation, or similar technology that accesses, queries, or processes the Data without direct, real-time human oversight of each individual interaction.
3. License Grant and POC Description
IANS is providing Client with access to a pre-commercial, proof-of-concept integration (“POC Service”) that makes IANS proprietary content available via a Document Application Programming Interface (“Document API”) and Model Context Protocol server (“MCP Server”). The POC Service is experimental in nature. IANS makes no warranties regarding availability, accuracy, or fitness for any particular purpose. No service level agreement applies to the POC Service. IANS reserves the right to modify, suspend, or discontinue the POC Service at any time without liability.
Subject to the terms of this Data Agreement and the ToS, IANS grants Client a limited, non-exclusive, non-transferable, revocable license during the POC Period to: (a) access IANS content programmatically via the Document API using credentials provided by IANS; (b) deliver retrieved IANS content to Client’s authorized AI tools (including Microsoft Copilot and Anthropic Claude) solely as grounding context for generating responses to queries submitted by Client’s authorized users; and (c) display AI-generated responses incorporating IANS content to Client’s authorized users solely for Client’s internal business purposes. This license does not extend beyond the POC Period and does not survive termination of the Data Agreement.
The POC period will run 60 days from the date of the Company’s first user acceptance of the Data Agreement. This acceptance is agreed to through the MCP pop-up box that occurs before the first time use of the MCP. The POC can be extended by joint agreement of both parties.
4. Restrictions on Use
4.1 Internal Use Only. Licensee shall use the Data exclusively for Internal Business Purposes. Licensee shall not, directly or indirectly:
- sell, resell, transfer, assign, sublicense, or otherwise commercially exploit the Data or any portion thereof;
- disclose, distribute, publish, or make the Data available to any third party (including affiliates, clients, customers, or partners);
- incorporate the Data into any product, service, or platform offered to third parties;
- use the Data to create or offer a competing data product or service;
- combine the Data with third-party data sets for external distribution or commercial exploitation; or
- use the Data as a substitute for, or to replicate, any product or service that IANS offers or may offer.
4.2 Prohibition on AI and Machine Learning Training. Licensee shall not use the Data, in whole or in part, for AI / ML Training without IANS’s prior written consent, which may be withheld, conditioned, or revoked in IANS’s sole and absolute discretion. This prohibition applies to: training foundation models, fine-tuned models, or any AI/ML system; prompt engineering, retrieval-augmented generation (RAG) pipelines operating at scale, or similar processes where the Data is systematically ingested without human review; and any third-party AI or cloud service that would retain, index, or learn from the Data. Notwithstanding the foregoing, any prohibition on systematic or programmatic download, retrieval, or storage of IANS content does not apply to Client’s authorized use of the Document API as expressly permitted under this Data Agreement. All other restrictions remain in full force. This carve-out applies only during the POC Period, only to the authorized API credentials issued to Client, and only for the purposes described herein.
4.3 Prohibition on Synthetic Data Generation. Licensee shall NOT use the Data, in whole or in part, to generate Synthetic Data at scale or for distribution. For purposes of this Section, “at scale” means any automated or semi-automated process generating more than incidental volumes of synthetic records. Isolated analytical use resulting in small numbers of illustrative examples for internal presentations does not constitute prohibited Synthetic Data generation, provided the underlying Data is not disclosed.
4.4 Prohibition on Autonomous Agent Access. Licensee shall NOT permit any Autonomous Agent to access, query, scrape, or otherwise process the Data. All access to the Data must be initiated and supervised by a human Authorized User in real time. Automated alerting, scheduled reporting, and similar features explicitly offered by IANS are excepted only to the extent they are enabled through IANS’s authorized platform.
5. Attribution Requirements
5.1 Licensee shall not use the citation or IANS’s name, logo, or trademarks in any manner that suggests IANS endorses Licensee’s conclusions, products, or services without IANS’s prior written consent. Licensee shall not remove, alter, or obscure any proprietary notices, copyright legends, or attribution statements embedded in or accompanying the Data.
6. Intellectual Property Rights
6.1 Ownership. As between the Parties, IANS retains all right, title, and interest, including all intellectual property rights, in and to the Data, the methods and processes used to compile or generate the Data, all APIs and MCP Servers, and all modifications, enhancements, and updates thereto. Nothing in this Data Agreement transfers or conveys to Licensee any ownership interest in the Data.
6.2 Feedback. If Licensee provides IANS with suggestions, corrections, enhancements, or other feedback regarding the Data, Licensee hereby grants IANS a perpetual, irrevocable, royalty-free, worldwide license to use, incorporate, and commercialize such feedback without restriction or compensation.
6.3 No Reverse Engineering. Licensee shall not reverse engineer, decompile, disassemble, or otherwise attempt to derive the underlying methodology, algorithms, or source data used to create the Data.
7. Audit Rights
Right to Audit. IANS (or its designated third-party auditor) shall have the right, upon reasonable prior written notice of not less than ten (10) business days, to audit Licensee’s systems, records, and facilities to verify Licensee’s compliance with this Data Agreement, including verification of: the identity and number of Authorized Users; the scope and nature of Data usage; compliance with the restrictions in Sections 4, 5, and 6; and compliance with data security requirements. Upon IANS’s written request, Licensee shall provide a written certification, signed by an officer of Licensee, attesting to the manner in which the Data has been accessed and used.
8. Term and Termination
Term. This Data Agreement commences on the Effective Date and continues for the subscription period specified in the applicable order form or invoice (the “Initial Term”). Unless either Party provides written notice of non-renewal at least thirty (30) days prior to the end of the then-current Term, this Data Agreement will automatically renew for successive periods equal to the Initial Term (“Renewal Terms,” and together with the Initial Term, the “Term”). IANS may terminate this Data Agreement at any time for any reason or no reason upon thirty (30) days’ prior written notice, in which case IANS shall provide a pro-rated refund of any pre-paid, unused Fees. Licensee may terminate this Data Agreement upon thirty (30) days’ prior written notice, subject to Licensee’s obligation to pay all Fees accrued through the date of termination. IANS will use commercially reasonable efforts to notify Licensee of any suspension promptly after exercising this right. Suspension does not waive IANS’s right to subsequently terminate. Upon termination or expiration of this Data Agreement: all licenses granted herein immediately cease; Licensee shall promptly (and in any event within five (5) business days) destroy or delete all copies of the Data in Licensee’s possession or control, including copies held by third-party processors, and certify such destruction in writing to IANS.
9. Disclaimer of Warranties
THE DATA IS PROVIDED “AS IS” AND “AS AVAILABLE.” IANS EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, AND ACCURACY. IANS DOES NOT WARRANT THAT THE DATA WILL BE ERROR-FREE, COMPLETE, CURRENT, OR FREE OF INTERRUPTIONS. LICENSEE ASSUMES ALL RISKS ASSOCIATED WITH ITS USE OF THE DATA. IANS shall not be responsible for Licensee’s reliance on the Data.
10. API Credential and Data Security
Licensee shall implement and maintain commercially reasonable technical and organizational security measures to protect the Data against unauthorized access, disclosure, alteration, or destruction, consistent with applicable industry standards. Licensee shall promptly (and in any event within forty-eight (48) hours) notify IANS of any actual or suspected breach of security involving the Data.
IANS will issue Client one or more API keys (“Credentials”) to enable access to the POC Service. Client shall: (a) treat Credentials as confidential and protect them with at least the same degree of care it uses for its own sensitive credentials; (b) restrict access to Credentials to authorized users within Client’s organization who require access to perform the activities permitted under this Data Agreement; (c) not share Credentials with any third party, including consultants, vendors, or affiliates, without IANS’s prior written consent; (d) notify IANS immediately upon discovering or suspecting any unauthorized access to, disclosure of, or misuse of Credentials; and (e) cooperate with IANS to revoke compromised Credentials and assess any unauthorized access. IANS may revoke Credentials at any time without notice if IANS reasonably believes misuse has occurred.
11. Fees and Payment
Licensee agrees to pay IANS the fees set forth in the applicable order form, invoice, or online checkout (the “Fees”) in accordance with the payment terms specified therein. All Fees are non-refundable except as expressly provided in Section 9.3. IANS reserves the right to suspend access for non-payment following ten (10) days’ written notice.
12. Governing Law and Dispute Resolution
This Data Agreement and all matters arising out of or relating to it shall be governed by the laws of the State of Delaware, without regard to conflict of law principles. The Parties shall attempt to resolve any dispute in good faith through senior management escalation. If unresolved within thirty (30) days, any dispute shall be finally resolved by binding arbitration administered by JAMS in accordance with its Comprehensive Arbitration Rules and Procedures, with the arbitration conducted in Boston, MA(or another mutually agreed location). The arbitration shall be conducted in English, and the arbitral award shall be final and enforceable in any court of competent jurisdiction. Notwithstanding the foregoing, either Party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent irreparable harm pending arbitration, including but not limited to relief for any actual or threatened breach of Section 4, 5, or 7.
13. General Provisions
This Data Agreement, together with any applicable order forms, constitutes the entire Data Agreement between the Parties regarding the Data and supersedes all prior and contemporaneous Data Agreements, representations, and understandings, whether written or oral, relating to its subject matter. This Data Agreement may be amended by IANS from time to time by providing Licensee with at least thirty (30) days’ written notice. Continued use of the Data after the effective date of any amendment constitutes Licensee’s acceptance of the amended terms. No waiver of any breach shall be construed as a waiver of any subsequent breach. No waiver is effective unless in writing and signed by an authorized representative of the waiving Party. If any provision of this Data Agreement is found invalid or unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions shall remain in full force and effect. Licensee may not assign this Data Agreement or any rights hereunder without IANS’s prior written consent. IANS may assign this Data Agreement without consent in connection with a merger, acquisition, or sale of substantially all of its assets. Any purported assignment in violation of this Section is void. Notices under this Data Agreement shall be in writing and delivered by email (with read receipt or confirmation of delivery) or by overnight courier to the addresses provided during registration or on the applicable order form. The Parties are independent contractors. Nothing in this Data Agreement creates a partnership, joint venture, agency, or employment relationship. This Data Agreement may be executed electronically. Electronic acceptance (click-through, checkbox, or e-signature) is valid and legally binding.
Acceptance
BY CLICKING “I ACCEPT” OR CHECKING THE BOX, THE INDIVIDUAL ACCEPTING REPRESENTS THAT THEY HAVE THE AUTHORITY TO BIND LICENSEE TO THIS DATA AGREEMENT AND THAT LICENSEE AGREES TO ALL TERMS AND CONDITIONS HEREIN.