Terms of Service

Rami Code Review
Effective Date: January 1, 2026

1. Agreement to Terms

By accessing or using Rami Code Review ("Service," "Rami," "we," "us," or "our") at rami.reviews, you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, do not use the Service.

Rami Code Review is operated by ChangWon Lee, an individual based in the Republic of Korea.

These Terms apply to all users, including those accessing the Service via:

The web dashboard
Command-line interface (CLI)
HTTP API
MCP (Model Context Protocol) tools
GitHub Apps (webhooks)

2. Description of Service

Rami is an AI-powered code review service that:

Analyzes GitHub pull request code changes
Identifies potential issues (security vulnerabilities, bugs, code quality)
Posts review comments to GitHub pull requests
Provides rebuttal analysis for review feedback

The Service uses third-party large language models (LLMs) to analyze code. Code snippets from your pull requests are sent to these LLM providers for analysis.

3. Account Registration

3.1 GitHub App Installation

Access to the Service requires installing our GitHub App on your repositories. By installing the app, you authorize us to access your GitHub profile information (username, email, avatar) and interact with repositories where the app is installed. The app requests only the permissions necessary to provide code review functionality.

3.2 Organization Accounts

When you install Rami on a GitHub organization's repositories, an organization account is automatically created. The user who initiates the installation becomes the organization owner.

Owner Responsibilities:

Managing organization membership (blocking/unblocking members)
Ensuring payment for usage-based billing
Complying with these Terms on behalf of all members

Membership:

Membership is determined by commit activity on repositories where Rami is installed. Users who commit to these repositories are automatically added as members. Owners may block members from using organization quota.

Member Consent:

By committing to a repository where Rami is installed, you consent to:

Being added as a member of the associated organization
Your usage statistics being visible to the organization owner
Using the organization's shared quota when in organization context

You may operate in personal context at any time to use your individual quota instead.

3.3 API Keys

You may generate API keys for programmatic access. You are responsible for:

Keeping API keys confidential
Rotating keys if compromised
All usage through your API keys

3.4 Device Tokens

For MCP and CLI access, you may authenticate using the OAuth device flow, which issues device tokens. These tokens:

Grant access to the Service on your behalf
Expire after 14 days of inactivity (activity resets the timer daily)
Can be revoked through the dashboard or by logging out

You are responsible for securing devices where these tokens are stored.

4. Acceptable Use

4.1 You May:

Use the Service to review code in repositories you own or have permission to access
Integrate the Service into your development workflows
Use review feedback to improve your code

4.2 You May Not:

Use the Service to review code you do not have rights to access
Attempt to reverse-engineer, decompile, or extract the underlying models or algorithms
Circumvent rate limits, quotas, or other technical restrictions
Use the Service for any illegal purpose
Resell, sublicense, or redistribute the Service without authorization
Submit malicious code designed to attack or exploit the Service
Use automated means to create accounts or abuse the free tier
Interfere with or disrupt the Service or servers
Submit code, comments, or content designed to manipulate, bypass, or "jailbreak" the underlying AI models (prompt injection attacks)
Attempt to extract training data, system prompts, or proprietary information from the AI models

4.3 Code Content

You are solely responsible for the code you submit for review. Do not submit code that:

Contains illegal content
Violates third-party intellectual property rights
Contains malware or malicious payloads intended to harm systems

5. Pricing and Payment

5.1 Free Tier

The Service offers a free tier with limited reviews per month. Free tier limits may change at our discretion with reasonable notice.

5.2 Individual Paid Features

Credits: Additional reviews beyond your quota can be purchased as credits
Subscriptions: Higher-tier plans with increased quotas may be available

5.3 Organization Billing

Organizations are billed monthly based on the number of active members (users with commit activity in the billing period).

Pricing: Usage-based billing per active member per month
Quota: Organizations receive pooled quota based on active member count
Credits: Organizations may purchase additional credits for use beyond quota

Payment Failure:

If organization payment fails:

Days 1-7: Full access with warning banner
Days 8-14: Read-only access (no new reviews)
Day 15+: Organization features suspended until payment resolved

5.4 Payment Processing

Payments are processed by Paddle (paddle.com), our merchant of record. By purchasing credits or subscriptions, you also agree to Paddle's Terms of Service.

5.5 Refunds

Unused credits are non-refundable except as required by law
Refunds may be issued for technical issues, duplicate purchases, or extended service outages
Refund requests must be submitted within 14 days of purchase
Paddle handles refund processing in accordance with applicable consumer protection laws

For complete details, see our Refund Policy.

5.6 Taxes

Paddle handles all applicable taxes (VAT, sales tax, etc.) as the merchant of record.

6. Intellectual Property

6.1 Your Code

You retain all ownership and intellectual property rights to code you submit for review. We do not claim any ownership of your code.

6.2 License to Process

By using the Service, you grant us a limited, non-exclusive license to:

Transmit your code to LLM providers for analysis
Cache review results for performance optimization
Display review feedback in the GitHub interface

This license terminates when you delete your account or the cached data expires.

6.3 Our Service

The Service, including its design, features, and underlying technology, is owned by us. These Terms do not grant you any rights to our trademarks, logos, or branding.

6.4 Feedback

If you provide feedback or suggestions about the Service, we may use them without obligation to you.

7. Data Handling

7.1 What We Process

GitHub profile information (username, email, organization)
Code diffs from pull requests you submit for review
Review results and metadata
Usage data (timestamps, API calls, quota consumption)

7.2 Third-Party Processing

Code submitted for review is sent to third-party LLM providers for analysis. Providers may include, but are not limited to: OpenRouter, OpenAI, Anthropic, xAI, Google, and AWS Bedrock. The specific provider used may vary based on model availability and performance. These providers have their own privacy policies and data handling practices.

7.3 Caching

Review results are cached for up to 7 days to improve performance and reduce costs. Cached data is isolated by organization.

7.4 Data Retention

The following are maximum retention periods. Data may be deleted sooner but will not be retained longer than specified:

Account data: Retained while your account is active, deleted upon account termination
Usage logs: Maximum 90 days
Audit logs: Maximum 1 year
Cached reviews: Maximum 7 days (automatically expire)
Repository-derived state: 90 days from last review activity, 180 days maximum; database backups retained for 7 days

These periods represent maximum retention, not guaranteed availability. We do not guarantee data recovery within these periods. For detailed information about data handling, see our Privacy Policy.

7.5 Derived State

Rami stores repository-derived state about repositories where the Rami GitHub App is installed and actively used, including review pattern summaries and code structure indices (such as function names and call relationships). This state does not include raw file contents, diffs, or inline code snippets, but may reflect repository structure and metadata.

Repository-derived state is stored in encrypted AWS infrastructure in the ap-northeast-1 (Tokyo) region. Each organization's state is logically isolated.

Repository-derived state expires automatically after 90 days of inactivity and is deleted from primary storage within 14 days of expiry. A hard safety limit of 180 days applies to stored artifacts. Database backups are retained for 7 days. No manual deletion request is required.

Private repository data and repository-derived state are not used to train models.

To request deletion or exercise data rights, contact support@rami.reviews.

8. Service Availability

8.1 Availability

We strive to maintain high availability but do not guarantee uninterrupted access. The Service may be unavailable due to:

Scheduled maintenance (we will attempt to provide notice)
Unscheduled outages
Third-party service failures (GitHub, LLM providers)

8.2 Modifications

We may modify, suspend, or discontinue any aspect of the Service at any time. For material changes affecting paid features, we will provide reasonable notice.

8.3 Rate Limits

The Service enforces rate limits based on your plan tier. Exceeding limits results in temporary request rejection (HTTP 429).

9. Disclaimers

9.1 "As Is" Service

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR ACCURACY.

9.2 AI Limitations

The Service uses AI to analyze code. AI-generated reviews:

May contain inaccuracies or false positives
Should not be the sole basis for code acceptance decisions
Do not guarantee detection of all issues
Are not a substitute for human code review, security audits, or professional advice

9.3 No Security Guarantee

While the Service may identify security issues, it does not guarantee your code is secure. You remain responsible for the security of your software.

10. Limitation of Liability

10.1 Exclusion of Damages

TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO: loss of profits, data, or business opportunities; service interruptions; costs of substitute services; damages arising from reliance on AI-generated reviews.

10.2 Liability Cap

OUR TOTAL LIABILITY FOR ANY CLAIMS ARISING FROM THESE TERMS OR USE OF THE SERVICE SHALL NOT EXCEED THE GREATER OF:

The amount you paid us in the 12 months preceding the claim, or
$100 USD

10.3 Exceptions

Some jurisdictions do not allow exclusion of certain warranties or limitation of liability. In such jurisdictions, our liability is limited to the maximum extent permitted by law.

11. Indemnification

You agree to indemnify, defend, and hold harmless Rami and its operators from any claims, damages, losses, or expenses (including reasonable legal fees) arising from:

Your use of the Service
Your violation of these Terms
Your violation of any third-party rights
Code you submit through the Service

12. Termination

12.1 By You

You may terminate your account at any time by contacting us or through the dashboard settings. Upon termination:

Your API keys are immediately revoked
Cached data expires according to normal retention schedules
Unused credits are forfeited, except where prohibited by applicable consumer protection laws. EU consumers retain refund rights for unused credits in accordance with applicable law. See our Refund Policy for details.

Organization Deletion:

Organization owners may delete their organization at any time. Upon deletion:

All organization data is permanently removed within 30 days
Members retain their personal accounts
Historical usage data is retained for billing verification (7 years)

12.2 By Us

We may suspend or terminate your account if you:

Violate these Terms
Engage in fraudulent or abusive behavior
Fail to pay for services

We will provide notice of termination when reasonable, except in cases of severe violations.

12.3 Effect of Termination

Sections 6 (Intellectual Property), 9 (Disclaimers), 10 (Limitation of Liability), 11 (Indemnification), and 13 (Governing Law) survive termination.

13. Governing Law and Disputes

13.1 Governing Law

These Terms are governed by the laws of the Republic of Korea, without regard to conflict of law principles.

13.2 Dispute Resolution

Any disputes arising from these Terms or the Service shall be resolved through:

Informal Resolution: Contact us first to attempt resolution
Arbitration: If informal resolution fails, disputes shall be resolved by binding arbitration under the rules of the Korean Commercial Arbitration Board (KCAB)

13.3 Class Action Waiver

You agree to resolve disputes individually and waive any right to participate in class actions or collective proceedings. This waiver does not apply where prohibited by law, including for users in the European Union who retain their rights to collective redress under applicable consumer protection laws.

13.4 Consumer Protection

If you qualify as a consumer under the laws of the European Union, United Kingdom, or Australia, the arbitration requirement in Section 13.2 does not apply to you to the extent prohibited by mandatory local law. You may bring claims in your local courts in accordance with applicable consumer protection legislation. Nothing in these Terms affects your statutory consumer rights that cannot be waived or limited by contract.

13.5 Exceptions

Nothing in this section prevents either party from seeking injunctive relief in court for intellectual property violations or security breaches.

14. General Provisions

14.1 Entire Agreement

These Terms, together with our Privacy Policy and Refund Policy, constitute the entire agreement between you and Rami regarding the Service.

14.2 Severability

If any provision of these Terms is found unenforceable, the remaining provisions remain in effect.

14.3 No Waiver

Our failure to enforce any right or provision does not constitute a waiver of that right.

14.4 Assignment

You may not assign these Terms without our consent. We may assign our rights and obligations without restriction.

14.5 Changes to Terms

We may update these Terms from time to time. Material changes will be notified via:

Email to your registered address
Notice on the dashboard
Posting on our website

Continued use after changes constitutes acceptance of the new Terms.

15. Contact

For questions about these Terms:

Email: support@rami.reviews