# SIDECAR NETWORK — ONLINE USER AGREEMENT (TERMS OF SERVICE) **Effective date:** 2026-05-19 **Last updated:** 2026-05-23 **Document hash (SHA-256):** _computed at deploy; logged with every click-through acceptance_ --- PLEASE READ THESE TERMS CAREFULLY. THEY CONTAIN IMPORTANT INFORMATION ABOUT YOUR RIGHTS AND OBLIGATIONS, INCLUDING A MANDATORY ARBITRATION CLAUSE, A CLASS ACTION WAIVER, AND LIQUIDATED DAMAGES FOR UNJUSTIFIED PAYMENT CHARGEBACKS. BY CLICKING THE "I AGREE" CHECKBOX AND THE "SUBSCRIBE" BUTTON, OR BY OTHERWISE ACCESSING OR USING THE SERVICES, YOU UNCONDITIONALLY ACCEPT AND AGREE TO BE BOUND BY THIS AGREEMENT, THE ACCEPTABLE USE POLICY ([AUP.md](AUP.md)), AND THE PRIVACY POLICY ([PRIVACY.md](PRIVACY.md)), EACH OF WHICH IS INCORPORATED BY REFERENCE. IF YOU DO NOT AGREE, DO NOT CHECK THE BOX, DO NOT CLICK SUBSCRIBE, AND DO NOT USE THE SERVICES. This Agreement is between you and **Sidecar Network LLC** ("Sidecar," "we," "us," or "our"), a Delaware limited liability company. By executing an Order, registering an account, or initiating a WireGuard peer handshake against a Sidecar relay, you represent that (a) you are at least 18 years old, (b) if entering on behalf of an entity you have authority to bind it, and (c) you have read, understood, and agreed to this Agreement, the AUP, and the Privacy Policy. --- ## 1. Service Description Sidecar Network LLC provides WireGuard relay infrastructure that assigns dedicated public IPv4 and IPv6 addresses to Docker containers via authenticated, encrypted tunnels. The Services consist of: (a) Sidecar-operated relay nodes deployed on managed cloud infrastructure across multiple regions; (b) the `sidecar-ctrl` control-plane API which manages peer registration, IP allocation, and tunnel lifecycle; (c) the `sidecar` Docker plugin and related client software which establish and maintain WireGuard peers from your Docker hosts; and (d) supporting account, billing, and abuse-handling functions accessed through sidecar.network. The Services are delivered as a **subscription** or, where you have purchased a Founding Member multi-year plan, as a prepaid term subscription. Sidecar does not sell, lease, or transfer ownership of any IP address, VPS instance, hardware, or network capacity. The right granted is a non-exclusive, non-transferable, revocable license to route traffic through Sidecar relays subject to this Agreement and your selected plan tier. The self-serve plan tiers available at checkout are exactly the following, each as further described on sidecar.network/pricing at the time of Order. The price stated below is the price that will be charged; no other tier or amount is offered through the self-serve checkout. | Tier | Price (USD / mo) | Max Peers | Dedicated IPv4 | One-time provisioning fee | One-time setup fee | |---|---|---|---|---|---| | Micro | $0.99 | 1 | 0 | — | — | | Free | $0.00 | 3 | 0 | — | — | | Spark | $4.99 | 5 | 0 | — | — | | Launch | $9.99 | 10 | 0 | — | — | | Pulse | $19.99 | 25 | 0 | — | $29.00 (waived on annual or longer) | | Pulse+IPv4 | $29.99 | 25 | 1 | $3.00 (non-refundable) | $29.00 (waived on annual or longer) | | Relay | $39.99 | 50 | 1 | $3.00 (non-refundable) | $29.00 (waived on annual or longer) | The applicable plan and its quotas form part of the Order. The control-plane server is the sole authority on price; any tier or amount transmitted from a client is ignored, and the charge submitted to the payment processor will be the server-side price corresponding to the tier shown in the table above. The one-time provisioning fee on IPv4-carrying tiers is charged at subscription start in addition to the monthly fee and is **non-refundable** — see §5.2 for the rationale and refund treatment. The one-time setup fee, where applicable, is **non-refundable** and is described in §5.3. **Sales-contact only — not self-serve.** Higher-capacity offerings marketed as **Surge** ($59.99/mo), **Fleet** ($77.99/mo), **Command** ($149.99/mo), **Cluster** ($99.00 per seat per month, five-seat minimum), and **Enterprise** (custom pricing) are available exclusively through a written order signed by Sidecar and are not provisioned through the self-serve checkout. No click-through acceptance of this Agreement constitutes an Order for any of those tiers; any such tier requires a separately executed Order Form, and pricing for those tiers is set in that Order Form rather than by this Agreement. --- ## 2. Grant of License; Restrictions Subject to your continuous compliance with this Agreement, Sidecar grants you a limited, revocable, non-exclusive, non-transferable, non-sublicensable license to use the Services solely for the routing of your own traffic or traffic you are authorized to route. You may not: (a) resell, sublicense, or repackage the Services to third parties except under a written reseller agreement signed by Sidecar; (b) reverse-engineer the `sidecar-ctrl` binaries, the relay control plane, or any cryptographic component except to the limited extent applicable law expressly permits; (c) use the Services to build a competing WireGuard relay or "dedicated IP for containers" product; (d) circumvent rate limits, quota enforcement, port restrictions, or abuse mitigations applied to your account; (e) operate as an anonymous Tor **exit** node on a Sidecar IP (Tor middle relays, bridges, and obfs4 bridges are expressly permitted); (f) generate or relay unsolicited bulk email or operate an SMTP submission service — outbound SMTP on ports 25, 465, and 587 is blocked by default and access requires written authorization. **2.1 Software License — Agent and Plugin Binaries.** The Sidecar agent and plugin software, distributed as the signed container images `ghcr.io/sidecar-network/agent` and `ghcr.io/sidecar-network/plugin` and via the installer at `https://sidecar.network/install` (the "Software"), is proprietary, closed-source software owned by Sidecar. Subject to your continuous compliance with this Agreement, Sidecar grants you a limited, revocable, non-exclusive, non-transferable, non-sublicensable license to run unmodified copies of the Software **solely to connect your own systems to the Services**. You receive no rights to the source code. You may not, except to the limited extent applicable law expressly permits notwithstanding this restriction: (i) copy, redistribute, sell, lease, or sublicense the Software; (ii) modify the Software or create derivative works of it; (iii) reverse-engineer, decompile, or disassemble the agent, plugin, or `sidecar-ctrl` binaries or any cryptographic component; or (iv) remove, alter, or obscure any proprietary notice, signature, or attestation. The Software is provided "AS IS" without warranty of any kind. This license terminates automatically if you breach this Agreement or stop using the Services. The Software incorporates third-party open-source components under their respective permissive licenses; the required notices are provided in the THIRD_PARTY_NOTICES distributed with the Software and at `https://sidecar.network/legal/third-party-notices`. --- ## 3. Acceptable Use Policy (Incorporated by Reference) Your use of the Services is governed at all times by the Sidecar Acceptable Use Policy at [AUP.md](AUP.md). Material prohibitions include: **3.1 Child Sexual Abuse Material (CSAM).** Zero tolerance. Reported to NCMEC under 18 U.S.C. § 2258A; offending peer terminated immediately. See [CSAM_PROTOCOL.md](CSAM_PROTOCOL.md). **3.2 DDoS sourcing.** Prohibited; any peer observed sourcing such traffic is terminated without notice. **3.3 Spam / email abuse.** Outbound SMTP blocked by default. Bulk email prohibited. **3.4 Copyright infringement.** DMCA agent registered (see [DMCA_REGISTRATION.md](DMCA_REGISTRATION.md)). Repeat infringers terminated. **3.5 Cryptocurrency mining.** Permitted, but **disclosure required** in dashboard at the time mining begins, for capacity planning and upstream-provider AUP compliance. Undisclosed mining is a material breach. **3.6 Bulk port scanning.** Aggressive public-internet scanning prohibited. Authorized targeted security research permitted; abuse-report response required within 24 hours. **3.7 Tor exit nodes.** Prohibited on Sidecar IPs due to abuse-complaint impact on shared IP reputation. Tor middle relays, guards, bridges, and obfs4 bridges explicitly allowed. **3.8 Other.** Malware distribution, unauthorized access, packet header forgery, open proxies, harassment campaigns, controlled-substance sales, or any unlawful conduct in the United States, the European Union, or your own jurisdiction. Sidecar reserves the right to suspend or terminate any account at our sole discretion upon credible evidence of an AUP violation. **No refund of prepaid fees is issued on AUP-terminated accounts.** **3.9 AI-Assisted Abuse Triage (Advisory Only).** Sidecar operates an AI-assisted abuse-triage pipeline that uses a locally-hosted, fully-offline language model (no third-party API calls and no transfer of personal data to external model providers) to extract the reported peer, violation category, and severity score from inbound abuse correspondence and to pre-stage a recommended enforcement action for human-operator review. **No enforcement action — including token revocation, peer disable, or account suspension — is ever taken autonomously by the model; every action is reviewed and confirmed by a human operator.** A dual-LLM (CaMeL-style) prompt-injection defense is used to ensure that the model that reads untrusted input cannot directly invoke enforcement tools. The triage layer is an operational efficiency tool only and does not modify any substantive right or obligation under this Agreement, the AUP, or the Privacy Policy. EU subscribers retain the right under GDPR Art. 22 not to be subject to a decision based solely on automated processing; because all enforcement decisions involve human review, Art. 22 is not engaged in normal operation. --- ## 4. Fees, Payment Terms, and Auto-Renewal **4.1 Subscription Fees.** You will pay the monthly, annual, or multi-year prepaid fees corresponding to your selected plan tier as displayed at the time of Order. All fees are stated in U.S. dollars and are exclusive of taxes. **4.2 Auto-Renewal Disclosure.** **BY CLICKING "SUBSCRIBE" YOU AUTHORIZE SIDECAR NETWORK LLC TO CHARGE YOUR SELECTED PAYMENT METHOD (PAYPAL, A CREDIT CARD PROCESSED VIA PAYPAL HOSTED FIELDS, OR ANOTHER PROCESSOR LISTED AT CHECKOUT) THE RECURRING SUBSCRIPTION FEE AT THE INTERVAL DISPLAYED ON THE CHECKOUT PAGE (MONTHLY OR ANNUALLY), UNTIL YOU CANCEL. EACH RENEWAL WILL CHARGE THE THEN-CURRENT FEE FOR YOUR PLAN. WE EMAIL A RENEWAL REMINDER AT LEAST SEVEN (7) DAYS BEFORE EACH ANNUAL RENEWAL.** Founding Member multi-year prepaid plans are one-time charges; no auto-renewal applies to those plans unless you affirmatively opt in at the end of the prepaid term. **4.3 Cancellation.** You may cancel at any time from the Account → Billing → Cancel Subscription page on sidecar.network, or by emailing billing@sidecar.network from your account-of-record email address. Cancellation takes effect at the end of the then-current billing period; access continues until period end. **No partial-period refunds are issued except as provided in §5.** **4.4 Late Fees.** Past-due balances accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is lower, from the due date until paid. Accounts more than thirty (30) days past due may be suspended. **4.5 Taxes.** All fees are net of any sales, use, value-added, withholding, or similar taxes. You are responsible for all such taxes other than those based on Sidecar's net income. For EU customers we collect VAT under the OSS scheme; for applicable US states we collect sales tax. --- ## 5. Refund Policy — 14-Day Money-Back Guarantee Sidecar offers a **14-day money-back guarantee** for first-time paid subscribers on monthly and annual plans. To request a refund, email billing@sidecar.network within fourteen (14) days of your initial charge and include your account email and the transaction ID. We will process the refund to the original payment method within ten (10) business days. **5.1 Initial Period Only — Renewals Not Refundable.** The 14-day money-back guarantee applies only to your initial billing period. Subsequent automatic renewals are not refundable; you may cancel at any time to stop future renewals (cancellation takes effect at the end of the current period, and access continues until that date). **5.2 Non-Refundable Provisioning Fee on IPv4 Tiers.** Tiers that include dedicated IPv4 addresses (currently **Pulse+IPv4** and **Relay**) charge a one-time **non-refundable provisioning fee** of **$3.00 per dedicated IPv4 address** at subscription start, in addition to the monthly subscription fee. This fee covers irreversible upstream IPv4 allocation costs (each dedicated IPv4 address is leased from our upstream network provider for a minimum one-month term with no mid-period proration) and is **not included in the 14-day money-back guarantee**. If you request a refund within the 14-day window, the monthly subscription fee is refunded in full; the provisioning fee is retained. The provisioning fee is disclosed on the checkout page before purchase and itemized separately on your receipt. **5.3 Non-Refundable Setup Fee on Compute-Backed Tiers.** Tiers that provision a dedicated compute instance for your subscription (currently **Pulse**, **Pulse+IPv4**, and **Relay**) charge a one-time, non-refundable **setup fee** of **$29.00** at subscription start, in addition to the monthly subscription fee and any provisioning fee under §5.2. The setup fee is **waived in full when you initially subscribe on an annual or longer billing cadence** (annual, quarterly-prepaid, or three-year prepay). The setup fee covers the irreversible cost of allocating, imaging, hardening, attaching the WireGuard interface to, and capacity-reserving a dedicated relay slot for your account, including the operator-time component that does not vary with the length of your first period. It is distinct from the §5.2 provisioning fee, which covers only the upstream IPv4 allocation. If you request a refund within the 14-day window on a monthly subscription, the monthly subscription fee is refunded in full; any §5.2 provisioning fee and the §5.3 setup fee are retained. The setup fee, if charged, is disclosed on the checkout page before purchase and itemized separately on your receipt. **The 14-day guarantee does not apply to:** (a) renewal charges (only the first paid period is refundable); (b) accounts terminated for AUP violation; (c) accounts that consumed more than 100 GB of egress bandwidth during the period; (d) compute-backed tiers (Pulse, Pulse+IPv4, Relay) where a dedicated compute instance has been provisioned — the §5.3 setup fee and §5.2 provisioning fee are retained; the monthly subscription fee is refundable within the 14-day window per §5.1; (e) Founding Member multi-year prepaid plans (Founding Member purchases are final after the 14-day window); (f) the one-time provisioning fee on IPv4-carrying tiers, as described in §5.2; (g) the one-time setup fee on compute-backed tiers, as described in §5.3. After the 14-day window, **all fees paid are non-refundable.** This policy is a material term of this Agreement; without it, Sidecar's pricing would be substantially higher. --- ## 6. Chargeback Resolution and Liquidated Damages **6.1 Pre-Chargeback Obligation.** If you dispute a charge, you agree to first email billing@sidecar.network and allow Sidecar fourteen (14) calendar days to resolve the dispute before initiating a chargeback, reversal, or "unauthorized transaction" claim with your card issuer, bank, or PayPal. **6.2 Liquidated Damages for Unjustified Chargebacks.** If you initiate a chargeback or payment reversal that is later (a) reversed in Sidecar's favor by the processor, (b) withdrawn by you, or (c) determined by an arbitrator to have been unjustified — i.e., the underlying charge was authorized, the Services were delivered consistent with this Agreement, and the 14-day refund window had passed or was not invoked — then you agree to pay Sidecar, as **liquidated damages and not a penalty**, the sum of **fifty U.S. dollars ($50.00) per chargeback** plus all processor fees, network association assessments, and reasonable collection and attorney's fees incurred. The parties agree that actual damages from such chargebacks (including processor case fees of $15–$25, time spent compiling evidence, reputation-program impacts, and reserve holds) are difficult to ascertain and that $50 is a reasonable pre-estimate. **6.3 Account Suspension During Dispute.** Sidecar may suspend any account immediately upon receipt of a chargeback notification from the payment processor. Service is suspended pending dispute resolution; peers and IP allocations remain reserved for thirty (30) days. If the dispute is resolved in Sidecar's favor (or withdrawn), service is restored within 24 hours. If resolved against Sidecar, the account is terminated and resources are reclaimed. **6.4 Evidence Package.** You acknowledge that Sidecar retains, for the purpose of defending chargebacks, the following evidence (see [AUDIT_LOG.md](AUDIT_LOG.md) for the complete schema): timestamped click-through acceptance log of this Agreement and the Privacy Policy with document SHA-256 hashes; IP address, user-agent, and session identifier at acceptance time; WireGuard handshake logs proving service delivery (peer public key, handshake timestamp, bytes transferred); IP allocation records; email delivery receipts (sent + delivered + opened where available); webhook records of subscription lifecycle events; renewal-reminder email send receipts; cancellation-page interaction records. **You consent to Sidecar's submission of this evidence to processors, networks, and arbitrators in defense of any payment dispute.** --- ## 7. Mandatory Arbitration; Class Action Waiver **7.1 Binding Arbitration.** Except for the carve-outs in §7.4, **any dispute, claim, or controversy arising out of or relating to this Agreement or the Services shall be resolved exclusively by binding individual arbitration administered by the American Arbitration Association ("AAA") under its Consumer Arbitration Rules then in effect.** The arbitration shall be conducted by a single arbitrator in the State of Delaware or, at your election, by video conference. Judgment on the award may be entered in any court of competent jurisdiction. Before initiating arbitration, you must first send written notice of dispute to billing@sidecar.network describing the dispute and the relief requested. Sidecar shall have sixty (60) days from receipt to attempt informal resolution. No arbitration may be initiated during this informal resolution period. **7.2 Class Action Waiver.** **YOU AND SIDECAR EACH WAIVE THE RIGHT TO BRING OR PARTICIPATE IN ANY CLASS ACTION, COLLECTIVE ACTION, MASS ARBITRATION, OR REPRESENTATIVE PROCEEDING. THE ARBITRATOR MAY NOT CONSOLIDATE OR JOIN CLAIMS OF MORE THAN ONE PERSON.** If the class action waiver in this Section is held to be unenforceable as to all or some of the claims at issue, then those claims (and only those claims) shall proceed in court. The remainder of this Agreement, including the arbitration provisions for all other claims, shall remain in full force and effect. **7.3 Forum and Governing Law.** This Agreement is governed by the laws of the **State of Delaware**, without regard to conflict-of-law principles. For any claim not subject to arbitration, exclusive jurisdiction lies in the state and federal courts located in **New Castle County, Delaware**, and you consent to personal jurisdiction therein. **7.4 Carve-Outs.** Either party may bring (a) an individual action in small-claims court for claims within that court's jurisdiction, (b) an action for injunctive or equitable relief to protect intellectual property or to enforce §3 (AUP) or §2 (license restrictions), and (c) a payment-collection action for amounts due under §4 or §6. **7.5 30-Day Opt-Out.** You may opt out of §7.1 and §7.2 by emailing **arbitration-optout@sidecar.network** within thirty (30) days of first accepting this Agreement, stating your name, account email, and intent to opt out. Opt-out does not affect any other section of this Agreement. Founding Member 3-Year Prepay pricing is available only to subscribers who do not exercise the opt-out right in this Section. Subscribers who opt out of arbitration remain subject to all other provisions of this Agreement but are ineligible for Founding Member pricing tiers. Existing Founding Member subscribers who exercise the opt-out forfeit the Founding Member discount prospectively from the date of opt-out; the standard monthly rate applies thereafter. **7.6 Mass Arbitration Protocol.** If 25 or more substantially similar arbitration demands are filed against Sidecar within any 60-day period (each a "Mass Filing"), Sidecar may at its sole election require: (a) **Bellwether Proceedings** — the parties shall identify ten (10) representative cases (five chosen by claimants' counsel, five chosen by Sidecar) to proceed first to final hearing. Remaining Mass Filings are stayed pending bellwether outcomes; the remaining demands are then resolved via mediated settlement informed by bellwether results. (b) **AAA Mass Arbitration Supplementary Rules** — Sidecar may opt into AAA's Mass Arbitration Supplementary Rules (or any successor protocol), including the consolidated administrative fee structure. (c) **Pre-Arbitration Informal Resolution** — claimants must first submit an individualized dispute notice to billing@sidecar.network and engage in good-faith informal resolution for sixty (60) days before any arbitration filing is processed. Failure to comply with this requirement is grounds for arbitrator dismissal. You agree these provisions are commercially reasonable, are essential to Sidecar's ability to offer Services at the price points listed, and that without them Sidecar's pricing would be substantially higher. --- ## 8. Limitation of Liability EXCEPT FOR LIABILITY ARISING FROM YOUR OBLIGATIONS UNDER §3 (AUP) AND §6 (CHARGEBACKS): (a) IN NO EVENT WILL SIDECAR NETWORK LLC, ITS MEMBERS, MANAGERS, EMPLOYEES, CONTRACTORS, OR UPSTREAM SUPPLIERS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING LOST PROFITS, LOST REVENUE, LOSS OF DATA, OR BUSINESS INTERRUPTION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES; (b) SIDECAR'S TOTAL AGGREGATE LIABILITY UNDER THIS AGREEMENT, REGARDLESS OF THE FORM OF ACTION, SHALL NOT EXCEED **THE TOTAL FEES PAID BY YOU TO SIDECAR DURING THE THREE (3) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM**; (c) THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ACCURACY. SIDECAR DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, SECURE, OR FREE OF VULNERABILITIES; (d) YOU AGREE THAT THE LIMITATIONS IN THIS §8 ARE ESSENTIAL TO THE PRICING OF THE SERVICES AND THAT WITHOUT THEM THE FEES WOULD BE SUBSTANTIALLY HIGHER. --- ## 9. Disclosure Under Law; Warrant Canary Sidecar will comply with valid United States legal process. We reserve the right to disclose user information as necessary to satisfy any applicable law, regulation, subpoena, court order, or governmental request. By accepting this Agreement you release Sidecar from any claim arising from such compliance, except where prohibited by law. Sidecar publishes a **warrant canary** at **https://sidecar.network/canary**, signed monthly, with the protocol defined in [CANARY.md](CANARY.md). The most recent canary text is in [WARRANT_CANARY.md](WARRANT_CANARY.md). The absence or non-update of the canary should be interpreted accordingly. --- ## 10. Click-Through Acceptance The checkout page presents: > ☐ **I have read and agree to the Terms of Service, Acceptable Use Policy, and Privacy Policy, and I authorize the recurring charge described above.** > > [ **Subscribe — $X.XX/mo (or /yr), auto-renews until cancelled** ] The checkbox must be checked and the labeled button clicked to complete the Order. Sidecar logs the timestamp, IP address, user-agent, session identifier, and document SHA-256 hash of each acceptance for use as evidence under §6.4. See [AUDIT_LOG.md](AUDIT_LOG.md) for the full audit-log schema. --- ## 11. Modification; Severability; Entire Agreement **11.1** Sidecar may revise this Agreement upon thirty (30) days' notice by email to your account-of-record address and by updating the "Last Updated" date above. Continued use after the effective date constitutes acceptance. **11.2** If any provision is held invalid or unenforceable, the remaining provisions remain in full force. Each limitation of liability, disclaimer, and class action waiver is severable and independent. **11.3** This Agreement together with the AUP and Privacy Policy constitute the entire agreement between you and Sidecar regarding the Services and supersede all prior communications and proposals. --- ## 12. Contact **Sidecar Network LLC** Delaware, USA General: hello@sidecar.network Billing & Refunds: billing@sidecar.network Abuse: abuse@sidecar.network DMCA Agent: see [DMCA_REGISTRATION.md](DMCA_REGISTRATION.md) Privacy: privacy@sidecar.network Arbitration Opt-Out: arbitration-optout@sidecar.network