Terms of Service

Effective Date: January 5, 2026
Last Updated: January 5, 2026

Mind Anvil, LLC ("we," "us," or "Provider") provides specialized compliance consulting for US Federal contracting (FedRAMP, CMMC) and cybersecurity artifact development. By engaging our services, you ("Client") agree to these Terms.

1. Services and Scope

We agree to perform the services described in the specific Statement of Work (SOW) using best business efforts.

  • Consulting Only: Our role is to advise on frameworks (NIST SP 800-171, NIST SP 800-53, CMMC) and prepare documentation structures.
  • Condition of Service (NO CUI): You acknowledge that Mind Anvil’s systems are not designated for the processing or storage of Controlled Unclassified Information (CUI) or Classified Information. You agree NOT to send, upload, or transfer CUI to Mind Anvil. All consulting regarding specific CUI data must be performed on Client-controlled systems or via screen-sharing where Mind Anvil does not retain the data.

2. Intellectual Property Rights

A. Client Ownership of Deliverables

Upon full payment, you own the specific Deliverables created for your compliance package (e.g., the final populated SSPs or Policies).

B. Mind Anvil Background IP

Mind Anvil retains ownership of its Background IP, including our proprietary compliance templates, reusable frameworks, and methodology.

  • License: We grant you a perpetual, non-exclusive license to use our Background IP solely as incorporated into your Deliverables for your internal compliance purposes.

3. Payment Terms

  • Standard: Net 30 days from invoice date.
  • Late Payments: We reserve the right to suspend services on past-due accounts.

4. Termination

  • Notice: Either party may terminate with two (2) weeks (14 days) written notice.
  • Payment: Client pays for all work completed up to the termination date.

5. DISCLAIMER OF WARRANTIES & AUDIT OUTCOMES

WE PROVIDE STRATEGY, NOT GUARANTEES.

  1. Best Efforts: We will use commercially reasonable "best business efforts" to prepare your organization for compliance audits based on our understanding of current NIST and CMMC standards.
  2. No Guarantee of Certification: Compliance is subjective to the Third-Party Assessment Organization (C3PAO) or Government Auditor. We cannot and do not guarantee that you will pass an audit, obtain an ATO, or achieve certification. The final outcome rests on your implementation of the controls, not just our documentation.
  3. "As Is": The Services are provided "As Is." We disclaim all implied warranties of merchantability and fitness for a particular purpose.

6. LIMITATION OF LIABILITY

TO THE MAXIMUM EXTENT PERMITTED BY NORTH CAROLINA LAW:

  1. INDIRECT DAMAGES: WE ARE NOT LIABLE FOR LOST PROFITS, LOSS OF GOVERNMENT CONTRACTS, FAILED AUDITS, OR DATA LOSS.
  2. LIABILITY CAP: OUR TOTAL LIABILITY SHALL NOT EXCEED THE TOTAL FEES PAID BY YOU TO US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

7. Confidentiality

  • Definition: "Confidential Information" means non-public business information (budget, strategy, personnel). It explicitly excludes CUI.
  • Obligations: We agree to keep your business data confidential and use it solely for the Service.

8. Governing Law

Governed by the laws of the State of North Carolina. Disputes shall be resolved in Raleigh, North Carolina.

Contact: john@mindanvil.com