Terms of Service

1. About these Terms

These Terms of Service (the “Terms”) form a legally binding agreement between you and VTAG Software Private Limited, an Indian company operating the TAG Vault platform on behalf of the TAG Projects brand (collectively, “TAG Vault”, “we”, “us”, or “our”), and you (the “User” or “you”), the natural or legal person accessing or using the platform at vault.brikbond.com (the “Service”).

These Terms apply to every interaction with the Service, including the web application, the Progressive Web App (PWA), the Android application, the desktop wrapper, and any associated APIs, public verification endpoints, email, or WhatsApp notifications operated under the TAG Vault brand.

• Effective date: 2026-04-25
• Version: 1.0
• Governing law: Republic of India (see §22)
• Issuing entity: VTAG Software Private Limited, having its registered office at [VTAG Software registered office — to be entered after office relocation], India.

We have written these Terms in plain English wherever the law permits, and used formal language only where Indian statutes require precision.

2. Acceptance of Terms

You accept these Terms by completing the click-wrap acceptance flow at sign-up. That flow:

1. Renders these Terms in full inside a scrollable container, with a scroll-to-bottom gate before the acceptance controls become active.
2. Presents a separate, unticked checkbox for these Terms and a separate checkbox for the Privacy Policy. You must affirmatively tick each box.
3. Records, on the server, the exact version of these Terms you accepted (by content hash and version label), the UTC timestamp of your acceptance, your IP address, your user-agent string, and the user identifier (e.g. your verified email).
4. Sends you a welcome email with a copy of the accepted version attached, and a link to the version-history page.

We retain this acceptance record for seven (7) years from the date your account is closed, in line with our Data Retention Policy and the limitation periods in the Limitation Act, 1963.

If you do not accept these Terms, you must not use the Service. You may withdraw acceptance prospectively by closing your account at any time (see §17), but this does not undo signed documents you executed while these Terms were in force.

3. Eligibility

You confirm, and self-attest at sign-up by ticking the eligibility checkbox, that:

• You are at least eighteen (18) years of age and competent to contract under §11 of the Indian Contract Act, 1872 (“ICA”).
• You are not a person disqualified from contracting under any law in force in India.
• If you are signing up on behalf of a company, partnership, limited-liability partnership, society, trust, or other organisation, you have the authority to bind that organisation, and the organisation accepts these Terms.

Account creation requires you to enter your date of birth, from which we calculate your age. Accounts where the entered date of birth indicates an age under 18 will be refused at the signup step. This date-of-birth gate is in addition to your eligibility representation here.

We do not knowingly create accounts for, or process the personal data of, persons under eighteen. If we learn that an under-eighteen person has registered, we will close the account and delete the data, in line with §9(3) Digital Personal Data Protection Act, 2023 (“DPDP Act”).

If you sign on behalf of an organisation, the organisation is the contracting party and is jointly responsible with you for compliance with these Terms.

4. The Service — what TAG Vault is

TAG Vault is a single-tenant, mobile-first software platform for real-estate document workflows. The Service includes:

• Document storage. Upload, organise, tag, and retrieve real-estate documents (sale deeds, agreements for sale, leases, leave-and-licence agreements (some leases — any term over 11 months, or year-to-year — also require registration with your local Sub-Registrar; e-signing on TAG Vault completes the contract under §10A IT Act but does not register it; see §8), NOCs, mortgages, brokerage engagements, indemnity bonds, allotment letters, possession letters, completion certificates, and similar).
• Multi-party electronic signing. Send a document to one or more counterparties, collect their electronic signatures under §3A Information Technology Act, 2000 (“IT Act”), embed the signature images at the agreed coordinates, and seal the resulting PDF with an ECDSA P-256 cryptographic seal over a SHA-256 hash of the document bytes.
• Audit trail. Every state change is recorded in a tamper-evident, append-only audit log (rejected at the database engine layer, not just the application layer).
• Public verification endpoint. Anyone — including a third party with no TAG Vault account — can verify the integrity of a sealed PDF by submitting its SHA-256 hash to the public verification endpoint (see §12).
• Tamper-evident retention. Sealed PDFs and their certificates of completion are written to AWS S3 Object Lock COMPLIANCE storage in the ap-south-1 region (Mumbai), with cross-region replication to ap-south-2 (Hyderabad), for ten (10) years from the date of sealing.
• Delivery channels. A Next.js web/PWA front end, a Capacitor-wrapped Android APK, and an Electron-wrapped desktop application.

The Service is single-tenant at MVP — your data lives in your account and is not commingled with other users’ data at the application layer.

5. The Service — what TAG Vault is NOT

The Service is software-as-a-service. It is not any of the following, and you must not treat it as such.

5.1 Not a law firm

TAG Vault does not provide legal advice. Nothing on the platform — including templates, defaults, helper text, error messages, or this document itself — constitutes legal advice. We are not a substitute for a qualified advocate. If you need legal advice, consult an advocate enrolled with a State Bar Council under the Advocates Act, 1961.

5.2 Not a notary public

TAG Vault does not perform notarisation under the Notaries Act, 1952 or any State law. If a document you sign on TAG Vault requires notarisation under any applicable law (including affidavits, declarations on oath, attested powers of attorney, or court affidavits), you must obtain notarisation separately from a notary public duly appointed under the Notaries Act, 1952 and authorised in the relevant jurisdiction. Where a notary, advocate, or other professional is listed as a “signer” on TAG Vault, that person is acting in their personal capacity as a signing party or witness within the platform; their TAG Vault e-signature is not a notarial act, does not carry a notarial seal, and does not satisfy any statutory requirement of notarisation, attestation, or apostille.

5.3 Not a Sub-Registrar; we do not register documents

E-signing on TAG Vault does not register a document with any Sub-Registrar of Assurances under the Registration Act, 1908. Documents that affect title to immovable property — including sale deeds, gift deeds, mortgages (other than mortgages by deposit of title deeds), leases for any term from year-to-year or exceeding one year, and agreements for sale where possession is transferred — must be registered at the local Sub-Registrar Office under §17 Registration Act, 1908. Until registration, the document does not, by virtue of §49 of that Act, affect any immovable property comprised therein, nor be received as evidence of any transaction affecting such property. TAG Vault does not file, lodge, or present any document for registration; you must do so personally before the appropriate Sub-Registrar.

5.4 Not a stamp vendor; we do not pay or compute stamp duty

TAG Vault does not sell stamps, compute stamp duty, collect duty, or remit duty to any State exchequer. Stamp duty is your responsibility under the Indian Stamp Act, 1899 and the stamp law of the relevant State. Failure to pay correct duty attracts impounding under §33 Indian Stamp Act, 1899 and a penalty of up to ten times the deficient duty under §40. The platform fee TAG Vault charges (when introduced) is for software services only; it is not stamp duty.

5.5 Not a real-estate agent under RERA §2(zm)

TAG Vault is a software-as-a-service platform operated by VTAG Software Private Limited / TAG Projects. It is not a “real-estate agent” within §2(zm) of the Real Estate (Regulation and Development) Act, 2016 (“RERA”), and is not registered as a real-estate agent under §9 of that Act. TAG Vault does not negotiate, broker, list, advertise, or facilitate the sale, purchase, lease, or transfer of any plot, apartment, or building. It does not handle consideration, deposits, escrow, or commission. The platform fee TAG Vault charges is for software services only and does not constitute brokerage, commission, or finder’s fee. Where a real-estate agent uses TAG Vault to obtain electronic signatures from clients, that agent remains solely responsible for compliance with §§9–10 RERA, 2016 and the corresponding State RERA Rules.

5.6 Not an Aadhaar eSign provider

TAG Vault does not offer Aadhaar-based electronic signatures issued under the Second Schedule of the IT Act and the Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015. We may add Aadhaar eSign as a parallel option in a future phase; until we publish that change, the Service uses §3A “electronic signatures” only.

5.7 Not a DSC issuer

TAG Vault is not a Certifying Authority licensed under §§17–24 IT Act. We do not issue Digital Signature Certificates (“DSCs”) under §3 read with §35 IT Act. If you require a DSC (for MCA filings, GST signing, income-tax e-filing, etc.), obtain one from a licensed Certifying Authority such as eMudhra, Sify, or (n)Code Solutions.

5.8 Not a payment processor or escrow

TAG Vault does not hold, route, or escrow money for any User. The Service does not collect consideration on behalf of buyers or sellers. Any payment between counterparties happens off-platform, by means you and your counterparty agree separately.

6. Nature of the signature (§3A IT Act)

Your TAG Vault signature is an electronic signature under §3A of the Information Technology Act, 2000. This is one of the three electronic-signature types Indian law recognises. It is not a Digital Signature Certificate (DSC) issued under §3 read with §35 of the IT Act. It is not an Aadhaar-based eSign issued under the Second Schedule and the Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015.

The reliability features in §3A(2)(a)–(d) of the IT Act apply, and §10A of that Act governs contract formation. Therefore, the statutory presumption under §85B of the Indian Evidence Act, 1872 (or its corresponding provision in the Bharatiya Sakshya Adhiniyam, 2023, replacing the Indian Evidence Act, 1872 from 1 July 2024) does not automatically attach to your signature.

Lawyer to confirm exact BSA section number replacing §85B IEA prior to publication.

When a court reviews your signature, the burden of proving its reliability lies with us. We meet this burden by maintaining the audit log, the certificate of completion, the cryptographic seal, and the S3 Object Lock copy — see §11.2.

We append the §63 BSA / §65B IEA certificate as the final page of every sealed PDF, in a two-part Part A / Part B form prescribed by the BSA Schedule. The certificate identifies the document, the hash, the algorithms (SHA-256 and ECDSA P-256), the seal-key fingerprint, the manner of production, and the §65B(2) IEA / §63(2) BSA conditions.

7. Documents you can and cannot sign here

7.1 Documents you can sign

Following the MeitY notification dated 26 September 2022 (gazette 4 October 2022) which omitted the former entry (e) “any contract for the sale or conveyance of immovable property” from the First Schedule of the IT Act, the following document types can be electronically signed on TAG Vault:

• Sale deeds, agreements for sale, lease deeds, leave-and-licence agreements
• Mortgage deeds (other than mortgages by deposit of title deeds)
• No-Objection Certificates (NOCs)
• Brokerage engagement letters, service agreements, non-disclosure agreements (NDAs), indemnity bonds
• Allotment letters, possession letters, completion certificates
• Powers of Attorney where the donee is an entity regulated by the RBI, NHB, SEBI, IRDAI, or PFRDA

7.2 Documents we hard-block at upload

The First Schedule of the IT Act 2000 (post-26 September 2022 amendment) excludes the following from electronic execution. We block these at upload:

• Negotiable instruments other than cheques (such as promissory notes and bills of exchange), except those drawn in favour of BFSI-regulated entities under the carve-outs to entry (a)
• Powers of Attorney between individuals (only POAs to BFSI-regulated entities are e-signable post-2022)
• Trust deeds creating a trust under §3 Indian Trusts Act, 1882
• Wills and codicils under §2(h) Indian Succession Act, 1925

If you attempt to upload one of these, the platform will reject the upload with an error message explaining the statutory bar.

7.3 Your responsibility for content type

Document-type classification is partly your responsibility. We use document tags and content checks to enforce the First Schedule bar on a best-efforts basis, but you must not attempt to misclassify a Will, Trust Deed, individual-to-individual POA, or other excluded instrument as a permitted document type to bypass the upload block.

8. Stamping and registration are your responsibility

1. Stamp duty. Many documents you sign on TAG Vault are chargeable with stamp duty under the Indian Stamp Act, 1899 or under the stamp law of the State where the property is situated, where the document is executed, or where it is to be brought into evidence. You are responsible for paying the correct stamp duty before, at the time of, or as soon after execution as the law of the relevant State allows. TAG Vault does not pay, verify, or affix stamp on your behalf. The platform fee TAG Vault charges is not stamp duty.
2. State e-stamping. Most Indian States have notified electronic stamping (“e-stamp”) regimes operated by Stock Holding Corporation of India Limited (SHCIL) or similar agencies (Telangana IGRS, Andhra Pradesh CARD, Maharashtra eSBTR, Karnataka Kaveri, Delhi eGRAS, Tamil Nadu STAR2.0). You must obtain the e-stamp certificate from the relevant State portal and pay the duty under your State’s Schedule I. Failure attracts impounding under §33 Indian Stamp Act, 1899 and a penalty of up to ten times the deficient duty under §40.
3. Registration is separate from signing. E-signing on TAG Vault does NOT register a document with any Sub-Registrar of Assurances under the Registration Act, 1908. Most documents that affect title to immovable property — including (i) sale deeds, (ii) gift deeds, (iii) mortgage deeds (other than mortgages by deposit of title deeds), (iv) lease deeds for any term from year-to-year or exceeding one year, (v) agreements for sale where possession is being transferred — must be registered at the local Sub-Registrar Office under §17 Registration Act, 1908. Until registration, the document does not, by virtue of §49, affect any immovable property comprised therein, nor be received as evidence of any transaction affecting such property. TAG Vault does not file, lodge, or present any document for registration; you must do so personally before the appropriate Sub-Registrar.

8.1 Worked examples

These examples are illustrative only, not legal advice. Confirm current rates and registration requirements with your advocate for each transaction.

• 11-month residential rental in Maharashtra. A leave-and-licence agreement for an 11-month term in Maharashtra is chargeable with stamp duty at approximately 0.25% of the total rent plus deposit (Article 36A, Schedule I, Maharashtra Stamp Act, 1958) and is registrable under §55 of the Maharashtra Rent Control Act, 1999. E-signing on TAG Vault does not satisfy the stamp or registration obligation.
• Sale deed for a flat in Hyderabad, Telangana. A sale deed for immovable property in Telangana is chargeable with stamp duty, transfer duty, and registration charges totalling approximately 6% of consideration or sub-registrar’s market value (whichever is higher), levied under the Indian Stamp Act, 1899 (as adapted in Telangana) read with the Registration Act, 1908. The deed must be registered at the jurisdictional Sub-Registrar under §17 Registration Act, 1908. E-signing on TAG Vault forms the contract under §10A IT Act, but does not register it; the deed will not affect title until physically presented for registration. (Worked rates approximate — verify current Telangana State rates with counsel.)
• Brokerage engagement letter in Telangana. An engagement letter between a buyer and a RERA-registered broker is typically chargeable with a fixed stamp duty of approximately ₹100 under the relevant article of the Indian Stamp Act, 1899 (as adapted in Telangana). It is not registrable under §17 Registration Act, 1908. E-signing on TAG Vault completes execution; you remain responsible for the e-stamp. (Verify the exact article and amount with counsel before publication.)

9. Your account

You may hold one account per natural person. Account sharing — including sharing your password, magic-link email, OTP, or refresh-token cookie with any other person — is not permitted, because each account is bound to one signing identity for evidentiary purposes.

You are responsible for:

• Keeping your password confidential. We hash passwords with Argon2id and cannot recover them in plaintext.
• Enabling Time-based One-Time Password (TOTP) multi-factor authentication. We strongly recommend it; the Service supports it natively.
• Notifying us promptly at security@brikbond.com if you suspect your credentials, OTP, or device has been compromised, or if you receive a sign-in alert you did not initiate.
• Logging out from shared or public devices.

If you sign up on behalf of an organisation, the organisation is responsible for de-provisioning the account when your role changes.

10. Acceptable use

You agree to use the Service in line with our Acceptable Use Policy (“AUP”), which forms part of these Terms by reference. The AUP lists the prohibited uses in full — including (without limitation) uploading Schedule I excluded documents, attempting to defeat upload blocks, attempting unauthorised access, and uploading unlawful content. A breach of the AUP is a breach of these Terms.

We act as an intermediary within §2(1)(w) IT Act for the storage and routing of documents you upload. The cryptographic seal we apply, the §63 BSA / §65B IEA certificate page, and the audit log are TAG Vault’s own records, which we maintain as a Data Fiduciary, not as an intermediary. The §79 safe-harbour applies to the intermediary functions; our certificate-of-completion and seal are our own evidentiary statements. We will action takedown notices in line with Rule 3(1)(d) of those Rules within thirty-six (36) hours of receipt.

11. Intellectual property

11.1 Our platform

TAG Vault, including all software, designs, brand names (“TAG Vault”, “TAG Projects”, “Treasure Your Property”), logos, page layouts, and documentation, is owned by VTAG Software Private Limited / TAG Projects or used under licence. We grant you a limited, non-exclusive, non-transferable, revocable licence to use the Service in line with these Terms — no other rights are granted by implication.

11.2 Your content

You retain all ownership and intellectual-property rights in the documents and other content you upload (your “User Content”). You grant us a limited, worldwide, royalty-free licence to host, store, transmit, display, and process User Content strictly to deliver the Service to you, including:

• Storing and replicating User Content in ap-south-1 and ap-south-2
• Routing User Content to the signers you nominate
• Embedding signatures and the §63 BSA certificate page into the document
• Sealing the resulting PDF and computing the SHA-256 hash for the public verification endpoint
• Producing User Content to a court, regulator, or law-enforcement agency on a lawful direction (we will notify you unless prohibited)

This licence ends when the related document is exported, deleted, or our retention obligation lapses, except for the limited copy retained under §7(c) read with the proviso to §8(7) of the DPDP Act / our Data Retention Policy for compliance with law.

11.3 No licence for AI training, marketing, or other purposes

We do not train any AI or machine-learning model on User Content. We do not use User Content for marketing or advertising. We do not sell, share, or licence User Content to data brokers, advertisers, analytics vendors, or any third party other than the sub-processors disclosed in the Privacy Policy.

11.4 Your warranties about User Content

You warrant that you own, or have the rights to upload, every document you upload, that the document does not infringe any third party’s copyright, trademark, or other rights, and that uploading and signing it does not breach any law in force in India.

12. Public verification endpoint

The Service includes a public verification endpoint at POST /v1/verify. Any person — including a third party with no TAG Vault account — may submit the SHA-256 hash of a sealed PDF and receive a JSON response confirming whether the hash matches a sealed document on file, the seal-key fingerprint, and a redacted signer-audit summary.

This is a deliberate feature designed to give relying parties (banks, advocates, registrars, counterparties) an independent way to verify the integrity of a TAG Vault-sealed document. The SHA-256 hash is a one-way digest of the sealed PDF bytes; it is not the document content. Submitting a hash to the verification endpoint discloses only that a sealed-PDF with that hash exists on TAG Vault, plus the redacted signer-audit summary.

By using the Service to seal a document, you acknowledge and consent to this disclosure mode. If you do not want the integrity of a sealed PDF to be verifiable by a third party who possesses that PDF, do not seal the document on TAG Vault.

13. Notifications

We send the following notifications:

• Transactional email (via AWS SES) for OTPs, signature requests, audit confirmations, sealed-PDF delivery, and security alerts.
• Transactional WhatsApp messages (via Meta WhatsApp Business Cloud API, utility templates only) for OTPs and signature requests, where you have provided a verified Indian mobile number.
• Marketing email (optional, opt-in) for product updates. Marketing email is opt-in, separate, and unticked by default; you may unsubscribe at any time using the link in every marketing message.

Transactional notifications are necessary for service delivery and are sent under §7(a) DPDP Act (“voluntarily provided”). For details on data flows — including the cross-border transmission of phone-number metadata to Meta servers — see our Privacy Policy.

14. Service availability

We do not promise an uninterrupted service. You should expect occasional downtime, feature changes, or short incidents while we iterate. Our retention and security commitments do not change with the cadence:

• Sealed PDFs are immediately written to S3 Object Lock COMPLIANCE for ten (10) years.
• Audit-log entries are appended through database triggers that reject UPDATE and DELETE at the engine layer.
• ECDSA P-256 sealing, AWS KMS envelope encryption, Argon2id password hashing, and the Block Public Access policy on every S3 bucket are in production from day one.

15. Service modifications and discontinuance

We may add, change, or remove features. For any material discontinuance — such as shutting down the Service, removing a primary feature like signing or storage, or migrating data to a successor platform — we will give you at least thirty (30) days’ written notice by email to your verified address.

Within that notice period, you may export your User Content (including the sealed PDFs and audit timeline) using the Data Portability tool in account settings. After cutover, your sealed PDFs remain retrievable in line with the Data Retention Policy.

For non-material clarifications (typo fixes, link updates, minor UX changes), we do not give advance notice; we simply ship the change.

16. Fees and pricing

The Service is offered free of charge during the MVP phase. We do not currently collect platform fees from end users.

When we introduce paid plans, we will:

• Notify each existing User by email at least thirty (30) days before the change takes effect.
• Publish the price list on the website.
• Keep a free tier or grace period appropriate to the User type, in line with applicable consumer-protection law.

The platform fee is a fee for software services only. It is not brokerage, commission, finder’s fee, stamp duty, registration fee, or notarial fee. Indian taxes (GST) will be charged on top, where applicable.

17. Termination

17.1 Termination by you

You may close your account at any time from the account settings page. Account closure triggers the retention timetable in our Data Retention Policy: for example, profile data is erased ninety (90) days post-closure, authentication credentials are cryptographically erased thirty (30) days post-closure, and sealed PDFs survive in S3 Object Lock COMPLIANCE for the balance of their ten-year retention.

17.2 Termination by TAG Vault for breach

We may suspend or terminate your account, with notice to your verified email, if we reasonably determine that you have materially breached these Terms or the AUP, or that continued service would expose us to legal liability, regulatory sanction, or imminent harm to other Users.

For ordinary breaches we will give you written notice and a cure period of at least seven (7) calendar days, unless the breach is one of the incurable breaches listed below (upload of CSAM, repeated upload of First Schedule excluded documents after warning, attempted security breach of TAG Vault’s systems, fraudulent representation of identity), in which case termination may be immediate.

17.3 What survives termination

Sealed PDFs and the §63 BSA certificates of completion are retained under §7(c) read with the proviso to §8(7) of the DPDP Act for the balance of their ten-year retention. Audit-log entries survive for seven (7) years from the event. Sections 6 (Nature of the signature), 11 (IP), 18 (No warranty), 19 (Limitation of liability), 20 (Indemnity), 22 (Governing law), and 26 (Grievance Officer) survive termination.

18. No warranty

The Service is provided “as is” and “as available”. We do not warrant uninterrupted operation, error-free behaviour, or that the Service will meet every individual requirement. We use commercially reasonable engineering practices — including code review, unit and integration tests, daily backups, alerting, and AWS multi-region replication — but no software service is impervious.

Nothing in this clause limits your statutory rights as a consumer under the Consumer Protection Act, 2019 or any other Indian law that may not be excluded by contract.

19. Limitation of liability

1. Excluded categories. To the maximum extent permitted under Indian law, TAG Vault, VTAG Software Private Limited, TAG Projects, and their respective directors, officers, employees, and contractors are not liable for any indirect, consequential, special, incidental, exemplary, or punitive damages, loss of profit, loss of business opportunity, loss of goodwill, loss of data (other than data lost as a direct result of TAG Vault’s gross negligence or wilful misconduct), or any cost of substitute services.
2. Aggregate cap. Subject to clause 4, TAG Vault’s aggregate liability arising out of or in connection with these Terms, the Service, or any document signed using the Service, in any twelve-month period, shall not exceed the greater of (a) the platform fees actually paid by the affected user to TAG Vault in the twelve (12) months preceding the event giving rise to the claim, or (b) ₹2,00,000 (Rupees two lakh).
3. Free-tier users. For users who have paid no fees, the aggregate cap is ₹2,00,000 (Rupees two lakh).
4. 3-A. Per-envelope cap for sealed-document harm. Where a claim arises from corruption, loss, non-availability, or material defect of a sealed PDF generated by TAG Vault that was relied on for a real-estate transaction, the aggregate cap for that single envelope is ₹10,00,000 (Rupees ten lakh), in addition to the cap in §19.2. This cap reflects a rational allocation of risk for sealed-document harm and gives users notice of the magnitude of recoverable damages.
5. Carve-outs (no cap). Nothing in this clause limits liability for: (i) any liability under the Consumer Protection Act, 2019 for unfair trade practices, defective service, or dark patterns; (ii) death or personal injury caused by TAG Vault’s negligence; (iii) fraud or fraudulent misrepresentation by TAG Vault; (iv) any liability that cannot lawfully be limited under Indian law including liability under §17 Indian Contract Act, 1872; (v) any obligation to refund stamp duty incorrectly collected (which TAG Vault does not collect); or (vi) such other liability as cannot be excluded or limited under Indian law.
6. No bar on courts. Nothing in these Terms restricts your right to file a complaint before, or seek relief from, any court of competent jurisdiction, the District / State / National Consumer Disputes Redressal Commission under the Consumer Protection Act, 2019, the Data Protection Board under DPDPA, 2023, or any Indian regulator. Any such restriction would be void under §28 Indian Contract Act, 1872.

20. Indemnity

You agree to indemnify and hold harmless TAG Vault, VTAG Software Private Limited, TAG Projects, and their respective directors, officers, employees, and contractors from and against any third-party claim, demand, action, loss, or expense (including reasonable advocates’ fees) that arises out of or relates to:

• Your breach of these Terms or the AUP
• Your breach of an applicable law, including the IT Act, the Stamp Act, the Registration Act, RERA, the Consumer Protection Act, 2019, the Bharatiya Nyaya Sanhita, 2023 (“BNS”), or the DPDP Act
• Any third-party claim that User Content you uploaded infringes intellectual property, violates privacy, or is unlawful
• Your wilful misclassification of an excluded document under §7

We will indemnify you on a like-for-like basis where a third party claims that the Service software itself (excluding your User Content) infringes that third party’s Indian IP rights, provided you give us prompt notice and reasonable cooperation in defending the claim.

The aggregate indemnity payable by either party under this clause is capped at the same quantum as §19.2 (greater of twelve-month fees or ₹2,00,000), subject to the carve-outs in §19.4.

21. Force majeure

1. Neither party is liable for failure or delay in performing obligations (other than payment) to the extent caused by an event beyond reasonable control that meets ALL of: (a) the event is one listed in clause 2; (b) was unforeseen at the date of these Terms; (c) could not have been avoided by reasonable steps; (d) the affected party notified the other in writing within seven (7) days; (e) the affected party uses commercially reasonable efforts to mitigate.
2. Events covered: (i) Acts of God; (ii) war, armed conflict, riot, terrorism, cyber-attack (provided not caused by affected party’s failure to maintain commercially reasonable security); (iii) pandemic, epidemic, or public-health emergency declared by GoI or WHO, with related government direction materially affecting performance; (iv) lawful government direction under IT Act §69/§69A/§70/§79, Telecommunications Act 2023, DPDPA Board, or any competent Indian regulator/court that prevents or materially restricts performance, including data-localisation orders affecting hosting in ap-south-1/ap-south-2; (v) AWS regional outage in ap-south-1 AND ap-south-2 simultaneously, sustained >4 consecutive hours, acknowledged in AWS Service Health Dashboard; (vi) ISP / submarine-cable / national-backbone outage materially affecting either ap-south region; (vii) labour strike, lockout, industrial action, provided not caused by affected party’s labour-law breach; (viii) embargo, sanction, export-control, or trade-restriction lawfully imposed by GoI.
3. Carve-outs. Force majeure does NOT excuse: (i) failure to pay sums due; (ii) breach of confidentiality or data-protection obligations; (iii) failure arising from affected party’s own negligence, breach, or non-compliance; (iv) failure of affected party’s own internal IT systems where reasonable redundancy was not in place.
4. Termination for prolonged force majeure. If a force-majeure event continues >30 consecutive days, either party may terminate by written notice with immediate effect, without liability except for accrued obligations.

22. Governing law and jurisdiction

These Terms are governed by, and construed in accordance with, the laws of the Republic of India, without regard to its conflict-of-laws principles.

• Courts. Any claim TAG Vault brings against you may be filed only in the competent courts at [Enter jurisdiction — to be set once VTAG Software’s registered office is finalised]. You may bring any claim against TAG Vault in that jurisdiction, or in any court of competent jurisdiction in India under §20 of the Code of Civil Procedure, 1908, or before the District / State / National Consumer Disputes Redressal Commission having jurisdiction under §11 of the Consumer Protection Act, 2019.
• Optional arbitration fallback. By mutual written agreement, the parties may refer a dispute to arbitration under the Arbitration and Conciliation Act, 1996, with seat at [Enter arbitration seat — same as the courts above], before a sole arbitrator, conducted in English. Failing agreement on the arbitrator within thirty (30) days, the arbitrator may be appointed by the [Enter High Court — for the chosen jurisdiction] under §11 of that Act. Pendency of arbitration does not bar interim relief from the courts at the seat under §9 of that Act.

23. Notices

23.1 Electronic notice is valid

Both parties acknowledge that electronic notice is a valid mode of communication under §13 IT Act.

23.2 Notices to you

We will send notices to your verified email address. It is your responsibility to keep that address current. Notices sent to that address are deemed received twenty-four (24) hours after sending.

23.3 Notices to us

You may send notices to us by:

• Email to legal@brikbond.com (primary), with a copy to grievance@brikbond.com for grievances; AND
• Postal courier (as a backup) to: VTAG Software Private Limited, [VTAG Software registered office — to be entered after office relocation], India.

For grievances under the IT Rules 2021 / DPDP Act, please use the Grievance Officer block at §26.

24. Amendments

We may amend these Terms from time to time.

• For material changes — including changes to the liability cap, the dispute-resolution clauses, the categories of excluded documents, the retention timetable, or the lawful basis for processing — we will notify you by email at least thirty (30) days in advance, with a redline summary, and request fresh affirmative acceptance.
• For non-material clarifications (typos, link updates, formatting), the change takes effect on publication, and we will note the change in the version log.

We will not rely on “continued use” as your acceptance of a material change. Material changes require actual notice and, where the law requires, fresh consent under §6 DPDP Act.

25. Severability, waiver, entire agreement

• Severability. If any clause of these Terms is held invalid or unenforceable by a court of competent jurisdiction, the remainder of these Terms continues in force, and the invalid clause is modified to the minimum extent necessary to render it enforceable.
• Waiver. Failure or delay in enforcing any clause is not a waiver of that clause or of any other clause.
• Entire agreement. These Terms, together with the Privacy Policy, the Cookie Policy, the Acceptable Use Policy, the Data Retention Policy, and (for B2B Users) the Data Processing Addendum, form the entire agreement between you and TAG Vault on the subject matter, and supersede prior representations on the same subject matter. Nothing in this clause excludes liability for fraudulent misrepresentation under §17 ICA.

26. Grievance Officer

If you have a grievance — including any complaint about content, account access, data protection, or a request to exercise a right under the DPDP Act — please contact our Grievance Officer.

Grievance Officer
[Grievance Officer Name]
TAG Projects (operated by VTAG Software Private Limited)
[VTAG Software registered office — to be entered after office relocation]
Email: grievance@brikbond.com
Phone (optional): [Phone — optional, to be confirmed]

The Grievance Officer holds three statutory hats and operates to the shorter applicable timeline in each case. Where multiple SLAs apply, the shortest SLA applies.

For child-safety / non-consensual sexually explicit content the timeline is 24 hours under Rule 3(2)(b) of the IT Rules 2021. For general unlawful content under Rule 3(1)(d), the takedown timeline is 36 hours from receipt of a valid notice. The detailed DPDP procedure (rights of access, correction, completion, erasure, nomination) lives in the Privacy Policy.

If your grievance relates to the DPDP Act and you are not satisfied with the Grievance Officer’s response, you may approach the Data Protection Board of India under §27 DPDP Act.

27. Contact