Terms of Service

1. Definitions

• "ambrstack" — The entity that owns and operates FlitStack AI, referred to also as "we," "our," or "us"
• "FlitStack AI" — The CRM migration platform (formerly "Switcher") operated by ambrstack, including all production, staging, and development environments; APIs; connectors; and supporting subprocessors
• "Customer" — The individual or legal entity that has executed a Master Service Agreement (MSA), Order Form, or equivalent commercial agreement with ambrstack to use FlitStack AI
• "Customer Data" — Any data submitted to FlitStack AI by or on behalf of the Customer for the purpose of executing a migration, including CRM Record Data (processed in memory only) and Schema and Configuration Metadata (cached temporarily)
• "CRM Record Data" — Operational CRM content such as contacts, companies, deals, tickets, tasks, notes, or activities. Never persisted by FlitStack AI
• "Schema Metadata" — Structural information such as object definitions, field types, pipelines, and mapping rules required for accurate migration. Cached only for the duration of a migration
• "Migration" — A discrete data movement initiated by the Customer between a source CRM and a destination CRM using FlitStack AI
• "Subprocessor" — A third-party service provider engaged by ambrstack under a Data Processing Agreement (DPA) to support FlitStack AI's operations

2. Acceptance of Terms

By accessing or using FlitStack AI, you (the Customer) agree to be bound by these Terms of Service ("Terms") and any associated Order Form, Master Service Agreement, or Data Processing Agreement executed with ambrstack. If you are using FlitStack AI on behalf of an organization, you represent that you have authority to bind that organization to these Terms.

If you do not agree to these Terms, you must not access or use FlitStack AI. ambrstack reserves the right to update these Terms in accordance with Section 17; continued use after notice of an update constitutes acceptance of the revised Terms.

3. Service Description

FlitStack AI is a CRM data migration platform that moves Customer Data between source and destination CRMs. The platform is engineered around an in-memory architecture that minimizes data persistence and exposure.

• In-Memory Processing — All CRM Record Data is processed exclusively in memory. CRM records are never written to disk, exported, or retained after a migration session concludes
• Temporary Schema Caching — Schema Metadata required for mapping and reconciliation may be cached temporarily and is securely deleted after migration via cryptographic erasure
• Data Pipeline — Migration follows an extract-transform-validate-load pattern, with field-level validation and reconciliation between source and destination
• Rollback Capability — Customers may revert a completed migration within the contractually agreed rollback window
• Out of Scope — FlitStack AI moves data and schema only. Workflows, automations, validation rules, macros, SLAs, and reports are not migrated; they are rebuilt natively in the destination CRM by the Customer

ambrstack provides FlitStack AI on an "as a service" basis. The architecture, features, and supporting subprocessors may evolve; material changes affecting Customer obligations will be communicated in advance.

4. Account & Registration

• Account Creation — Customers must register through ambrstack's authentication provider (PropelAuth) and complete onboarding for each authorized user
• Authentication — Multi-Factor Authentication (MFA) is mandatory for all privileged accounts and recommended for all users
• Credentials — Customers are responsible for the secrecy of their account credentials and for all activity that occurs under their account. Plaintext passwords are never stored by FlitStack AI
• User Provisioning — Customers must promptly deprovision users who no longer require access; ambrstack supports OAuth2 and SSO for enterprise identity providers
• Eligibility — FlitStack AI is a business service and is not directed at individuals under the age of 16

5. Acceptable Use

Customers agree not to use FlitStack AI to:

• Process Customer Data for which the Customer does not have a lawful basis or appropriate authorization in the source and destination CRMs
• Reverse-engineer, decompile, or otherwise attempt to derive the source code or proprietary algorithms of FlitStack AI
• Attempt to access or interfere with another Customer's data, accounts, or migration pipelines
• Use FlitStack AI to transmit malware, conduct phishing, or perform any activity that violates applicable law
• Circumvent rate limits, authentication controls, or access restrictions imposed by FlitStack AI or the source / destination CRM
• Use FlitStack AI to migrate data in violation of the source or destination CRM's terms of service
• Resell, sublicense, or provide FlitStack AI to third parties without ambrstack's prior written consent

ambrstack reserves the right to suspend or terminate access for Customers who breach this Section, subject to Section 15 (Term & Termination).

6. Shared Responsibility Model

FlitStack AI operates under a shared responsibility model. The following allocation of responsibilities applies between ambrstack and the Customer:

ambrstack Responsibilities

• Securing migration operations — Ensuring that CRM data processed in memory is encrypted in transit, handled under strict access controls, and protected by resilient infrastructure
• Protecting temporary metadata — Managing schema and configuration data, when cached for mapping, under encryption and secure deletion practices
• Compliance and transparency — Publishing subprocessors, maintaining audit trails, and notifying Customers of material changes or confirmed incidents
• Monitoring and incident response — Detecting anomalies, responding to potential breaches, and escalating notifications within regulatory timelines

Customer Responsibilities

• Data governance within their CRM — Protecting CRM records and access rights in source and target systems
• CRM access management — Managing permissions and access controls in source and target CRMs throughout the migration
• API credential management — Issuing, rotating, and revoking OAuth tokens used to authorize FlitStack AI migrations, including app installation and removal
• Migration design — Designing workflows, mapping rules, and migration schedules that align with the Customer's internal compliance requirements
• Incident reporting — Promptly notifying ambrstack if access credentials are compromised or unauthorized activity is suspected

7. Data Processing Scope

ambrstack acts solely as a data processor (or service provider, as applicable) and processes Customer Data only as instructed by the Customer in connection with the Migration. The detailed framework — including data categories, retention, subprocessors, and security measures — is set out in the Privacy Policy.

• CRM Record Data is processed strictly in memory, with no persistence of data post-migration
• Schema Metadata is cached temporarily, encrypted in transit (TLS 1.2+) and at rest (AES-256), and deleted via cryptographic erasure after migration
• Customer Data is never used for analytics, profiling, marketing, or product development purposes
• Subprocessors are bound by GDPR-compliant Data Processing Agreements (DPAs); material changes are notified per GDPR Article 28
• ambrstack is pursuing formal GDPR certification and SOC 2 Type II audit; these processes are currently underway

For enterprise Customers, ambrstack will execute a Data Processing Agreement (DPA) on request.

8. Intellectual Property

• FlitStack AI IP — All right, title, and interest in FlitStack AI — including its software, documentation, schema models, migration algorithms, and platform-generated outputs (excluding Customer Data) — remain the exclusive property of ambrstack
• Customer Data Ownership — The Customer retains all right, title, and interest in Customer Data. ambrstack does not claim ownership of Customer Data and does not retain CRM records after migration
• License to ambrstack — The Customer grants ambrstack a limited, non-exclusive, royalty-free license to access and process Customer Data solely for the purpose of providing the Migration service
• Feedback — Any feedback or suggestions provided by the Customer may be used by ambrstack to improve FlitStack AI without compensation or attribution, provided that such feedback contains no Customer Data

9. Service-Level Commitments

ambrstack commits to operating FlitStack AI with the standards described below. Where a Service Level Agreement (SLA) is executed as part of an Order Form, the specific terms of that SLA take precedence.

ambrstack leverages resilient cloud infrastructure with automatic scaling and failover, and conducts regular disaster recovery drills to validate operational readiness.

10. Fees & Payment

• Fees — Fees are set out in the applicable Order Form or commercial agreement. Pricing is per-migration, all-in, and includes the items listed on the Pricing page
• Invoicing — ambrstack invoices Customers in accordance with the Order Form. Unless otherwise agreed, fees are payable within 30 days of invoice date
• Taxes — Fees are exclusive of taxes. The Customer is responsible for any sales, use, value-added, or similar taxes, except for taxes on ambrstack's net income
• Refunds — If a production migration fails validation and cannot be resolved, the Customer is entitled to a full refund. Pre-cancellation, the Customer remains liable for completed scoping and sample work
• Suspension — ambrstack may suspend access for accounts more than 30 days past due, following written notice

11. Confidentiality

Each party agrees to protect the other's Confidential Information with the same degree of care it uses to protect its own confidential information of like importance, and in no event less than reasonable care.

• Confidential Information — Includes Customer Data, ambrstack's non-public technical and business information, subprocessor lists shared under NDA, and security audit results
• Permitted Disclosure — Confidential Information may be disclosed to employees, contractors, and subprocessors who have a need to know and are bound by confidentiality obligations
• Personnel Bound — Every ambrstack employee and contractor with access to FlitStack AI systems is bound by confidentiality agreements; subprocessors are bound by DPAs
• Compelled Disclosure — A party may disclose Confidential Information as required by law, provided it gives the other party prompt notice (where lawful) so it may seek a protective order

12. Warranties & Disclaimers

ambrstack warrants that:

• FlitStack AI will be operated in accordance with this agreement, the Privacy Policy, and the security commitments described therein
• Customer Data will be processed only as instructed by the Customer and only for the purpose of performing Migrations
• FlitStack AI will not introduce malware, viruses, or other malicious code to the Customer's environment

Except as expressly set out above, FlitStack AI is provided "as is" and "as available." ambrstack disclaims all other warranties, express or implied, including warranties of merchantability, fitness for a particular purpose, and non-infringement. ambrstack does not warrant that FlitStack AI will be uninterrupted or error-free.

The Customer acknowledges that source and destination CRMs are operated by third parties and that ambrstack is not responsible for outages, rate limits, or policy changes by those third parties.

13. Limitation of Liability

To the maximum extent permitted by law:

• Neither party will be liable for any indirect, incidental, consequential, special, or punitive damages, including loss of profits, revenue, or data, even if advised of the possibility of such damages
• Each party's aggregate liability arising out of or related to this agreement will not exceed the total fees paid by the Customer to ambrstack in the 12 months preceding the event giving rise to the claim
• The limitations above do not apply to (i) breaches of confidentiality, (ii) indemnification obligations, (iii) gross negligence or willful misconduct, or (iv) violation of intellectual property rights

14. Indemnification

The Customer agrees to indemnify and hold ambrstack harmless from claims arising out of (i) the Customer's breach of these Terms, (ii) the Customer's misuse of FlitStack AI, or (iii) the Customer's violation of applicable law in connection with the Migration.

ambrstack agrees to indemnify the Customer for third-party claims alleging that FlitStack AI infringes a patent, copyright, or trademark, provided the Customer (a) promptly notifies ambrstack, (b) reasonably cooperates with ambrstack's defense, and (c) does not settle the claim without ambrstack's written consent.

15. Term & Termination

• Term — These Terms commence on the Effective Date in the applicable Order Form and continue until terminated as set out below
• Termination for Convenience — Either party may terminate with 30 days' written notice, subject to any non-cancellable Migration commitments already in flight
• Termination for Cause — Either party may terminate immediately if the other party (i) materially breaches these Terms and fails to cure within 30 days of notice, or (ii) becomes insolvent or files for bankruptcy
• Effect of Termination — Upon termination, the Customer's access to FlitStack AI ends. ambrstack will purge any temporary metadata and authentication tokens in accordance with the Privacy Policy. CRM Record Data is, by architecture, never retained beyond an active migration session
• Survival — Sections 8 (Intellectual Property), 11 (Confidentiality), 12 (Warranties), 13 (Limitation of Liability), 14 (Indemnification), 16 (Governing Law), and 17 (General Provisions) survive termination

16. Governing Law & Disputes

These Terms are governed by the laws of the jurisdiction in which ambrstack is incorporated, excluding conflict-of-laws principles. The parties submit to the exclusive jurisdiction of the courts located in that jurisdiction for any dispute arising out of or related to these Terms, except that ambrstack may seek injunctive relief in any court of competent jurisdiction to protect its intellectual property or Confidential Information.

Before commencing legal proceedings, the parties will attempt to resolve disputes through good-faith negotiation for a period of 30 days.

17. General Provisions

• Entire Agreement — These Terms, together with the Privacy Policy, Cookie Policy, applicable Order Form, MSA, and DPA, constitute the entire agreement between the parties and supersede all prior agreements on the subject matter
• Updates — ambrstack may update these Terms by posting an updated version with a revised "Last Updated" date. Material changes are communicated proactively. Continued use after notice constitutes acceptance
• Assignment — Neither party may assign these Terms without the other's written consent, except that ambrstack may assign to an affiliate or in connection with a merger, acquisition, or sale of substantially all of its assets
• Severability — If any provision is found unenforceable, the remaining provisions remain in effect, and the unenforceable provision is replaced with an enforceable provision that most closely reflects the parties' intent
• No Waiver — A party's failure to enforce a provision is not a waiver of that provision or any other provision
• Force Majeure — Neither party is liable for failure or delay caused by events beyond its reasonable control, provided it gives prompt notice and resumes performance as soon as practicable
• Notices — Notices must be in writing and delivered to the contact addresses set out in the applicable Order Form or at [email protected]

18. Contact