Terms of Service
Last updated: 2026-01-28
For users residing in Japan, the Japanese version of these Terms is the governing text. For users residing outside Japan, the English version prevails. If there is any discrepancy, the governing version will control depending on the user's place of residence.
These Terms of Service ("Terms") set forth the conditions for providing FlowHub ("Service") and the rights and obligations of users. Please read them carefully before using the Service.
Article 1 (Definitions and Applicability)
- "External Services" means GitHub, Supabase, Postmark, Stripe, Vercel (including Vercel Analytics), Google (Google Calendar API), Sentry, and any other third-party services we use to operate the Service.
- These Terms apply to the provision of the Service. We may revise these Terms as needed, and revisions take effect when we notify users via their registered email address or in another manner we prescribe. For material changes, we will provide reasonable prior notice. Continued use of the Service after revisions constitutes acceptance.
Article 2 (Accounts, Authentication, and GitHub Integration)
- The Service requires GitHub account integration (OAuth or GitHub App installation). With user consent, we create and configure GitHub Organizations, repositories, Projects (v2), and automatically reflect Issues and Projects as needed.
- Tokens used for integration (OAuth access tokens, installation tokens, workflow token hashes, etc.) are stored, refreshed, and revoked for security. Users are responsible for executing integrations under their own authority and must not disclose or lend tokens to third parties.
- Users represent and warrant that they have the necessary administrative permissions (repository creation, project creation, etc.) for the target GitHub Organization.
- Users represent and warrant that they are at least 18 years old, have the legal capacity to agree to these Terms, and if they use the Service on behalf of an organization, have the authority to bind that organization.
Article 3 (Fees and Payment)
- The Service fee is USD 3 per user per month.
- Fees are charged as a subscription and automatically renew monthly according to Stripe's billing schedule. Payment is by credit card via Stripe, and information necessary for payment is provided to Stripe.
- We retain payment identifiers necessary for billing management, such as Stripe customer IDs and subscription IDs.
- Due to the nature of the Service, we do not provide refunds for mid-period cancellations.
- We may change fees with reasonable prior notice or in another manner we prescribe. Continued use after the change constitutes acceptance.
- If payment is overdue, we may suspend access without prior notice.
Article 4 (Customer Data Handling)
- The Service may store organization, member, and invitation data; candidate data (e.g., name, email address, contact method, position, source, close reason); snapshots of Issue bodies; and GitHub webhook delivery logs (headers, payloads, responses, etc.). Delivery logs and audit logs are used for service delivery, audits, incident response, security, and quality improvements, and are retained according to settings and cleanup procedures.
- When registering or syncing third-party information such as candidates on the Service or GitHub, users must obtain necessary consent or have a lawful basis and only input data necessary for hiring operations. We are not responsible for the accuracy or legality of user-provided content.
- Do not input specific personal information (e.g., My Number). In principle, do not input sensitive personal information unless you have explicit consent or a legal obligation and only to the minimum extent necessary. In addition, regulated data such as health information subject to HIPAA, financial information subject to GLBA, payment card data subject to PCI DSS, government-issued ID numbers, bank account numbers, passport numbers, or biometric identifiers are outside the scope of the Service and must not be entered. Avoid entering third-party confidential information.
- For Google Calendar integration, we store encrypted access and refresh tokens, scopes, organization domains, and watch channel information (channel_id, resource_id, token hashes, sync_token, status, etc.). Event titles, times, attendees, descriptions, etc. may be retrieved and used to automatically comment on GitHub Issues or add guests to FlowHub calendars. Users must manage permitted domains and account permissions appropriately.
- We transmit and store data to external services (GitHub, Supabase, Postmark, Stripe, Vercel and Vercel Analytics, Google Calendar API, Sentry, etc.) to the extent necessary to provide the Service. Data is handled in accordance with each external service's terms and policies.
- Rights to customer data (data entered by users or generated through use of the Service) belong to the user or the rightful owner. Users grant us a non-exclusive license to use customer data for providing, maintaining, and supporting the Service, ensuring security, preventing fraud, complying with law, and improving quality.
- Detailed handling of personal information is governed by our Privacy Policy.
Article 5 (Intellectual Property and License)
- Intellectual property rights related to the Service, including software, design, text, and trademarks, belong to us or rightful owners.
- We grant users a non-exclusive, non-transferable, non-sublicensable license to use the Service for its intended purpose.
- You retain rights to any suggestions, requests, or feedback you provide, but you grant us a non-exclusive, irrevocable, worldwide, royalty-free license to use, modify, reproduce, distribute, and publicly display such feedback without restriction.
- Users must not analyze, reverse engineer, decompile, or disassemble the Service.
Article 6 (Prohibited Conduct)
- Acts that violate laws or public order and morals, infringe on others' rights, or post third-party personal information without consent
- Unauthorized access, excessive API requests, or interference with service operations
- Operations on GitHub Organizations or repositories for which the user lacks authority
- Calendar integration or watch channel creation/maintenance using unauthorized domains or accounts
- Sharing, lending, or redistributing confidential information such as calendar invitation links, watch channel URLs/tokens, or OAuth tokens
- Misuse beyond the Service's specifications or acts that violate the terms of external services
Article 7 (Service Changes or Suspension)
We may change, suspend, or terminate all or part of the Service due to GitHub API changes, rate limits, external service outages, maintenance, security needs, or other unavoidable reasons. We will provide advance notice when possible, but may act without notice in emergencies.
Article 8 (Indemnification)
If a user's violation of these Terms or unlawful conduct results in claims or damages against us by a third party, the user will resolve the matter at their own expense and indemnify us for any losses incurred.
Article 9 (Disclaimer and Limitation of Liability)
- The Service is provided on an "as is" basis. We make no warranties, express or implied, including merchantability, fitness for a particular purpose, non-infringement, or availability.
- We are not liable for damages arising from external service outages, specification changes, authentication failures, rate limits, or similar issues.
- If we are liable for damages, except in cases of willful misconduct or gross negligence, our liability is limited to the total amount actually paid by the user in the most recent one-month period (0 yen in the case of free use). We exclude lost profits, indirect damages, and special damages, except where mandatory law provides otherwise.
Article 10 (Term and Termination)
- Users may cancel at any time through the in-product procedures. After cancellation takes effect, fees will stop accruing from the next billing cycle.
- When an organization is deleted, we delete data within the period and methods we prescribe (data on external services is handled under those services' specifications).
- If a user violates these Terms, we may suspend use or terminate registration without prior notice.
Article 11 (Exclusion of Anti-Social Forces)
Users represent and warrant that they are not and will not become members of anti-social forces and have no involvement with such forces. If a user breaches this article, we may suspend the Service and terminate the contract without prior notice.
Article 12 (Force Majeure)
We are not liable for any delay or failure in performance caused by force majeure events beyond our reasonable control, including natural disasters, fires, power outages, epidemics, wars, riots, changes in laws or policies, or external service failures.
Article 13 (Governing Law and Jurisdiction)
These Terms are governed by Japanese law. Any disputes arising out of or related to the Service are subject to the exclusive jurisdiction of the Tokyo District Court as the court of first instance.
Article 14 (Assignment)
Users may not assign or transfer their position under these Terms or any rights or obligations without our prior written consent. We may assign or transfer these Terms or related rights and obligations in connection with a merger, acquisition, business transfer, or similar corporate reorganization.
Article 15 (Severability)
If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions will remain in full force and effect.
Article 16 (Entire Agreement and No Waiver)
These Terms constitute the entire agreement between you and us regarding the Service and supersede any prior agreements or understandings. Our failure to enforce any right or provision will not be deemed a waiver of such right or provision.
Contact
For questions or inquiries about the Service, please contact us at the email address below.