Terms of Use governing the use of Suite 366 by end users within a professional (B2B EU) context.
Scriptor Artis SAS
SIRET: 89140307300010 · NAF: 7022Z
Registered office: 15 faubourg Saint Louis, 09270 Mazères, France
Château de Ranrouët, 44410 Herbignac, France
The 366 software and platform (hereinafter "366", "Suite 366", "Workspace 366", or the "366 Platform") are published by SCRIPTOR ARTIS, a simplified joint stock company incorporated under French law, registered with the Trade and Companies Register, with its registered office at 15 faubourg Saint Louis, 09270 Mazères, France, represented by its President (hereinafter the "PUBLISHER").
366 is a professional collaborative suite enabling a user Organisation to operate a unified work environment including, in particular: email, calendar, document storage and management, document editing, instant messaging, video conferencing (if enabled), automations, connectors, APIs and artificial intelligence agents.
366 integrates an artificial intelligence and orchestration engine (the "AI Engine") developed by the PUBLISHER, which may combine generative AI systems, autonomous agents (Agentic AI), embedding engines, RAG (Retrieval-Augmented Generation) architectures and specialised algorithms. Depending on the Organisation's configuration, the AI Engine may use Models provided by Third-Party Providers.
These Terms of Use set out the conditions under which authorised Users may use 366 within professional Organisations established in the European Union and holding a legal identifier (SIREN or equivalent). They do not apply to consumers.
The most recent functional and technical documentation relating to 366 and, where applicable, the AI Engine, is regularly updated by the PUBLISHER (including via its secured documentation spaces). Such updates do not affect the validity of these Terms of Use.
These terms of use (the "Terms of Use" or "Terms") govern how Users may use 366 within a customer Organisation.
Any access to and/or use of 366 requires compliance with these Terms and their unconditional acceptance. They form a contract binding on the PUBLISHER and the Organisation, and are binding on Users through their use of 366 and the authorisation granted by the Administrator.
If these Terms are breached, the PUBLISHER reserves the right to take any measure necessary to protect its rights, the security of the service and compliance requirements.
Terms and expressions identified by an initial capital letter in these Terms shall have the meanings set out below, whether used in the singular or plural:
"Organisation"
Means the legal entity or professional organisation established in the European Union, holding a legal identifier (SIREN or equivalent), entitled to access 366 under a subscription offer (SaaS) and/or an on-premises licence.
"User" (or "end user")
Means any natural person duly authorised by the Administrator to access and use 366 via a dedicated URL, an application, an API or any compatible device, within the scope of access rights and settings defined by the Administrator.
"Administrator"
Means the User authorised to configure and administer access to 366 for other Users, including access rights, security settings, Connectors, Modules, AI Agents, Knowledge Bases, Automations, and to create and manage User accounts.
"366" / "Suite 366" / "366 Platform" / "366 Software"
Means the complete software product developed by the PUBLISHER, including the code, interface, collaborative Modules (email, documents, calendar, chat, etc.), APIs, connectors, data structures, architectures and technical processes, as well as the associated documentation. The 366 Software remains the exclusive property of the PUBLISHER.
"SaaS Mode"
Means 366 made available from a single URL, hosted within the European Union in accordance with Annex A.
"On-Premises Mode"
Means 366 deployed and executed within the Organisation's technical environment (infrastructure/cloud under the Organisation's control), in accordance with Annex B.
"Organisation Account"
Means the Organisation's reference space in 366, allowing in particular the administration of Users, Modules, AI Agents, Organisation Data, Connectors and Automations.
"Organisation Data"
Means all data, information, content or documents of any kind and in any format uploaded, entered, transmitted, received, imported or generated in 366 by the Organisation, the Administrator and/or Users, directly or via Modules, Connectors or external interfaces. This includes in particular emails, attachments, files, documents, messages, calendars, contacts, prompts, settings, metadata, logs and traces.
"Communication Data"
Means data relating to email, chat, video conferencing and calendar services (content and technical metadata required for routing, synchronisation, security and operation).
"Module"
Means a set of software features enabling (i) the provision of collaborative services, (ii) the orchestration and integration of one or more AI Agents, and/or (iii) interfacing and exchanging data with external services via APIs/Connectors.
"Connector"
Means a connectivity Module dedicated to synchronising and/or interconnecting external services (for example Google Workspace, Microsoft 365, CRM, ERP, etc.) with 366.
"API" (Application Programming Interface)
Means the set of rules, protocols and integrated software tools enabling secure connection, exchange and interfacing between 366 (and its AI Agents) and external applications, systems or services.
"API Call"
Means the act of using an API to send, receive or process a request between 366 and an external service.
"Knowledge Base"
Means any set of content, data, documents or information made available to 366, uploaded by a User or an Administrator, or sourced from a Third-Party Provider and/or a Connector, for use by one or more AI Agents as part of their operation.
"Agent" or "AI Agent"
Means an instance of generative artificial intelligence designed, configured and orchestrated within 366 from an identity prompt and configurable elements (Knowledge Bases, tools, Connectors, etc.). Depending on its configuration, an Agent may use one or more language models (LLMs), embedding engines, RAG architectures and Agentic AI modules, in a personalised and secure manner.
"Agentic AI"
Means the component that gives an AI Agent autonomy, planning and orchestration capabilities, allowing it to analyse an objective and choose/execute actions (tool calls, queries, processing) in a supervised and secure way.
"Prompt"
Means any instruction, request or signal – text, voice, visual or otherwise – issued by a User, an AI Agent or a Module to the AI Engine and/or an AI Model in order to obtain a response, an action or a Result.
"Result"
Means any content, data, response, action or output generated by an AI Agent, an AI Model or a 366 Module in response to a Prompt or a trigger.
"Automation"
Means any scenario, rule, trigger, workflow, orchestration or AI Agent leading to processing and/or Actions within 366 and/or towards external systems.
"Executed Action"
Means an action performed by 366 (automatically or upon instruction) which may have an internal or external effect (e.g., sending an email, creating/modifying a document, updating a CRM, creating a calendar event, etc.).
"Model" / "AI Model" / "Third-Party Model"
Means an artificial intelligence model (LLM, multimodal, embedding, etc.) selected and accessible through 366, which may be provided by the PUBLISHER or by a Third-Party Provider.
"Third-Party Providers"
Means any third party providing services or technologies integrated with or interfaced to 366 (including AI models, embeddings, connectors, infrastructure, email delivery services, etc.), under their own licence and without any transfer of liability to the PUBLISHER, unless otherwise agreed in writing.
"Token"
Means the unit of computation and measurement used to assess the consumption of AI Model resources for a request/inference.
"Anomaly"
Means any bug, error, failure, malfunction, incident, blockage, incompatibility, non-compliance, deficiency, degradation or regression preventing normal use of all or part of 366.
"Services"
Means all services provided by the PUBLISHER to the User, including access to and use of 366, AI Models, and any other associated service, software, application or website.
Access to 366 is reserved for professional Organisations established in the European Union and holding a legal identifier (SIREN or equivalent). The Administrator warrants that they act in the name and on behalf of the Organisation and have the required authority.
Opening an Organisation Account formalises the exercise of the right of use granted under the applicable SaaS offer and/or On-Premises licence:
The Organisation Account allows, in particular: administering Users, enabling/disabling Modules, managing Knowledge Bases, configuring AI Agents and administering Connectors and Automations.
366 is accessible to any User who has been granted access by the Administrator.
The User undertakes to keep their credentials confidential and not to disclose them. In the event of loss or compromise, the User shall immediately notify the Administrator.
The User is solely responsible for the proper functioning of their IT equipment and their Internet access.
The User is responsible for the Prompts entered into 366, as well as any configurations made when the User is authorised to do so.
The User undertakes to comply with applicable laws and regulations, including copyright, trade secrets and personal data protection.
The PUBLISHER shall not be liable for User Prompts or content that breach the law or infringe third-party rights.
Because of the nature of the Services, if another user uses a Prompt similar to the User's, an AI Agent may generate a similar or identical Result. The PUBLISHER does not guarantee the uniqueness of Results.
When using 366, the Organisation may process Organisation Data containing personal data under its responsibility, in accordance with the GDPR.
For free-form Prompts entered by Users, Users undertake to limit the data they enter to what is strictly necessary for the intended use, and to refrain from including sensitive data (within the meaning of the GDPR or equivalent) unless required by the activity and appropriate safeguards have been implemented by the Organisation.
The User shall not attempt to reverse engineer 366 and/or the AI Engine through Prompts.
The User acknowledges and agrees that Results depend on how Prompts are written, how Agents are configured, the available data, and that the underlying technologies are complex, evolving and sometimes unpredictable, which may affect the completeness and accuracy of Results.
To the extent permitted by applicable law, the PUBLISHER excludes any express or implied warranty as to the quality, accuracy, timeliness or fitness of Results for a particular purpose.
The PUBLISHER reminds the User that final actions and/or decisions implemented by the Organisation and/or the User cannot be based solely on Results generated through the use of 366, in accordance with applicable law and EU guidance.
The PUBLISHER cannot guarantee the accuracy of Results. Results may be influenced by biases specific to the AI Agent and/or the Third-Party Model used.
It is the User's responsibility to verify Results with due diligence before any use or distribution and not to rely on them as the sole source of information or as a substitute for professional advice.
Users are encouraged to optimise their Prompts, use any moderation options provided, and include specific instructions to obtain Results tailored to their needs.
The User must provide any person accessing Results or using the Services with a warning about potential inaccuracies and unpredictability in AI-generated content, and encourage them to verify important information.
The User undertakes to use only those parts of Results for which the User holds the necessary rights.
The User shall not attempt to reverse engineer 366 from Results.
The PUBLISHER implements reasonable measures, including filtering and moderation mechanisms, to prevent Results from containing offensive, inappropriate or unlawful content.
However, the PUBLISHER does not guarantee that Results will be free of inappropriate content.
The User is solely responsible for using Results in compliance with the law and shall not use them for any unlawful or harmful purpose.
The Organisation and its Users are solely responsible for:
The PUBLISHER implements security and anti-abuse mechanisms but shall not be liable for:
Unless expressly agreed otherwise, 366 does not, by default, provide a legal/probative archiving service for electronic communications.
The Organisation remains responsible for stored content (including with respect to copyright, trade secrets and personal data).
The Organisation shall not store unlawful content or content that violates public order in 366.
Calendar invitations and synchronisations are carried out according to User/Administrator settings and, where applicable, subject to the limitations and policies of connected third-party services.
The Organisation remains responsible for communications and, in particular, for compliance with labour law, internal compliance obligations and security policies.
366 provides storage, organisation, operational retention and retrieval features for Organisation Data (including emails, attachments, documents, calendars, contacts and messages), as well as technical continuity mechanisms (where applicable: backups, versions, restoration, technical logs) depending on the deployment mode and the subscribed offer.
Unless expressly agreed otherwise in a contract, a specific annex or a dedicated offer, 366 is not an electronic archiving system with probative value, does not constitute a legal archiving service and does not replace the legal, tax, social, regulatory or sector-specific retention, archiving and/or evidence obligations of the Organisation.
The Organisation remains solely responsible for:
Accordingly, the PUBLISHER does not guarantee that retention within 366 (including backups, versioning, restoration or logs) meets, as such, the probative archiving requirements applicable to the Organisation.
When the Organisation enables Automations, AI Agents and/or Connectors, it is deemed to control their design and triggering.
The Organisation is solely responsible for:
The Organisation acknowledges that certain features may execute Executed Actions (sending emails, creating/modifying documents, synchronisations, updates to external systems, etc.). The Organisation assumes responsibility for the legal and operational consequences of Executed Actions triggered via 366, whether initiated by a User or automatically.
The PUBLISHER is not responsible for malfunctions related to:
The PUBLISHER is the exclusive owner of all intellectual property rights relating to both the structure and the content of 366.
These Terms do not transfer any intellectual property rights to the User or the Organisation.
Under the subscribed offer/licence, the PUBLISHER grants the Organisation and its Users a non-exclusive licence to use 366 for the duration of the applicable contract/licence.
Usage rights are strictly limited to what is necessary to access, display, use and operate 366 for internal business purposes.
In particular, the User shall not modify, copy, translate, correct, improve, adapt, reproduce, download, distribute, mass-extract, transmit, decompile or reverse engineer, create derivative works, commercially exploit and/or distribute 366 in any way.
The User expressly agrees not to correct any Anomaly themselves, as the PUBLISHER reserves this right, unless otherwise agreed in On-Premises Mode.
Any total or partial reproduction of the PUBLISHER's trademarks, graphics, symbols and distinctive signs without express authorisation is prohibited.
366 and/or the AI Engine integrated into 366 implement processes and technologies that may be protected by industrial property rights, including patents.
The PUBLISHER is the holder of the French patent FR3136298A1. Any reproduction, representation, modification or adaptation, in whole or in part, of elements and processes covered by this patent, without the PUBLISHER's (or its successors') prior written authorisation, is prohibited within the meaning of Article L615-1 of the French Intellectual Property Code.
Uploading, entering or processing Organisation Data in 366 does not involve any transfer of rights to the PUBLISHER.
The Organisation remains the holder of rights in its Organisation Data. It warrants that it holds the necessary rights and authorisations and does not infringe third-party rights.
The Organisation grants the PUBLISHER a non-exclusive and temporary licence enabling it to host a copy of, and process, Organisation Data solely for the performance of the 366 Services (hosting, indexing, compression, backup, restitution, security, support).
The Organisation/User remains the holder of rights in their Prompts, except for those provided by the PUBLISHER, which remain the exclusive property of the PUBLISHER.
The User/Organisation becomes the holder of intellectual property rights in Results, to the extent permitted by applicable law and subject to pre-existing rights.
The Organisation and the User are informed of the PUBLISHER's right to monitor the use of 366 remotely, including in particular:
Monitoring is carried out for the purposes of security, integrity, usage compliance, abuse prevention, maintenance and, where applicable, billing of the Services. Monitoring does not undermine the confidentiality and security of Organisation Data and Results and is not intended to exploit content for purposes other than providing the Services.
In the event of an Anomaly or issue (lost credentials, malfunction), the User shall first contact the Administrator.
In SaaS Mode, support is provided according to the subscribed offer (Annex A).
In On-Premises Mode, support is subject to a separate mandatory support contract (Annex B).
The PUBLISHER uses reasonable efforts to make 366 available 24/7, subject to planned maintenance and the provisions of this article and the Annexes.
The PUBLISHER shall not be liable for inconveniences or damages inherent to the use of the Internet network, including service interruption, external intrusion, viruses, operator failures/saturation, and unavailability of third-party providers (including AI Model providers).
Access to 366 may be suspended at any time and without prior notice, including due to updates, outages, network/system/communications failures, and maintenance or correction interventions required.
The User is informed that 366 integrates an artificial intelligence engine and that, depending on the enabled Modules, the settings defined by the Organisation and its use cases, the User may interact with artificial intelligence (including via AI Agents, automations or analysis/generation features).
Accordingly, the AI Engine is only an aid to decision-making and supervised automation.
The Organisation and/or the User are solely responsible for using 366, in particular Organisation Data, Prompts, Knowledge Bases, configurations, access rights, Connectors and Automations.
It is reminded that:
The User undertakes to keep their credentials confidential. In the event of fraudulent use, the User shall immediately notify the Administrator.
When using the Services, the User is prohibited from:
Computer offences (unauthorised access/maintenance, obstruction, fraudulent insertion, extraction, etc.) may be subject to criminal penalties.
To the extent permitted by applicable law:
366 may contain links to external URLs and services over which the PUBLISHER has no control. The PUBLISHER disclaims any liability for their content.
Where 366 provides link-sharing features (conversation, document, resource), the User is solely responsible for any public links they share. Any person holding a public link may access the resource according to the selected settings. The User undertakes to inform third parties when this involves interaction with AI.
These Terms apply for the same period as the Organisation's subscription/licence.
If the contractual relationship ends for any reason, the PUBLISHER undertakes to provide data reversibility for the Organisation Data belonging to the Organisation.
The Organisation may exercise this right through the Administrator and/or according to the process defined by the PUBLISHER within ninety (90) days from the termination date.
After this period, all Organisation Data will be deleted, subject to statutory retention obligations.
The retention described in this section corresponds to operational and technical retention of Organisation Data required to provide the Services; it does not constitute legal/probative archiving.
In SaaS Mode:
Technical logs: maximum default retention of 12 months.
Security logs: maximum default retention of 24 months, where necessary for security and compliance.
Retention periods may be adjusted by the PUBLISHER depending on the offer, statutory constraints, security requirements, or contractual configuration.
The PUBLISHER reserves the right to adapt or amend these Terms at any time.
Any change takes effect upon publication and applies only to Users using the Services after such change. Organisations will be informed in advance of material changes.
Under the applicable offer/licence, the PUBLISHER acts as a processor of the Organisation's personal data processing necessary for the operation of 366.
The PUBLISHER undertakes that personal data collected and processed in connection with the use of 366 will be processed in accordance with the GDPR.
The PUBLISHER may process professional identification and contact data necessary for the performance of the Services. Data is intended for the PUBLISHER and its subcontractors.
Each data subject has GDPR rights (access, rectification, erasure, portability, objection), to be exercised with the DPO: dpo@devana.ai.
In the event of a dispute, the User may lodge a complaint with the CNIL (French Data Protection Authority) or the competent supervisory authority.
In SaaS Mode, 366 is hosted in the European Union on a cloud infrastructure operated by Scaleway (Annex A).
The list of the PUBLISHER's sub-processors (categories and identity where required) is kept up to date in the PUBLISHER's Trust Center.
The Organisation acknowledges that certain Third-Party Models may be operated by Third-Party Providers located outside the EU, depending on the chosen configuration. The Organisation remains responsible for the compliance of any transfers and the corresponding legal basis. The PUBLISHER provides the relevant information in the documentation and/or the Trust Center.
Depending on the Organisation's use of 366, all or part of the AI functionalities may be considered an AI system subject to regulatory obligations, including potentially enhanced obligations in the case of high-risk use.
The Organisation undertakes to:
The PUBLISHER undertakes, within the limits of applicable obligations, to:
Failure to rely on any breach of these Terms shall not constitute a waiver of any other breach, whether subsequent, identical or different.
If any provision of these Terms is held to be null or unenforceable, it shall be deemed unwritten and the remaining provisions shall remain in full force and effect.
The Organisation and the User, having accepted these Terms, agree that these Terms constitute external and probative evidence of the use of 366 and the Services in the event of a dispute.
In addition to statutory provisions recognising the evidential value of electronic writings, the Organisation and the User acknowledge the validity and probative value of emails, logs, digital traces, files and electronic records kept by the PUBLISHER or one of its providers.
These Terms are governed by French law.
Any dispute relating to their interpretation or performance shall fall within the jurisdiction of the competent courts of the place where the PUBLISHER has its registered office, unless mandatory provisions provide otherwise.
A1. Hosting: 366 is hosted in the European Union on cloud infrastructure operated by Scaleway.
A2. Availability / maintenance: the PUBLISHER may carry out planned maintenance operations. Outages may result from infrastructure or network incidents, or third-party services (including AI models).
A3. Backups: the PUBLISHER implements appropriate backup/restoration mechanisms. Any quantified objectives (RPO/RTO) are defined by the subscribed offer or a separate contract. Backups are intended for continuity and technical restoration and do not constitute legal/probative archiving.
A4. Security: reasonable technical and organisational measures (access control, encryption where applicable, monitoring, etc.).
A5. Subcontractors: list kept up to date in the Trust Center.
A6. Retention: application of section 18.
B1. Infrastructure responsibility: the Organisation is solely responsible for its infrastructure (servers, network, OS, storage, cloud under its control), availability, perimeter security, backups and restoration.
B2. Updates: the terms for providing and applying corrective/evolutionary updates are defined by the licence and/or a separate contract.
B3. Support: On-Premises support is subject to a separate mandatory support contract.
B4. Remote access: in On-Premises Mode, no permanent remote access to the Organisation's systems, networks or environments is granted to the PUBLISHER. Any one-off remote access (for support purposes) may take place only with the Organisation's prior express consent and is subject to controls (authorisation, duration, scope, traceability).
B5. Telemetry / monitoring transmitted by the Organisation: notwithstanding the above, the Organisation acknowledges that 366 may be configured to transmit to the PUBLISHER technical and usage metrics (telemetry) strictly necessary for licence monitoring, security and/or support, as documented. Such transmissions do not constitute remote access to the Organisation's infrastructure and do not, by themselves, grant access to business content beyond what is strictly necessary for the stated purpose.
B6. Third-party models: if the Organisation configures the use of external Third-Party Models, it is responsible for the compliance of data flows and any transfers that may occur.
Confidential © Scriptor Artis, 2026