Effective: 2026-03-25

Shared Account and Privacy Terms

Effective date: 2026-03-25

1. Scope

These terms govern the shared DBR77 account system used across DBR77 products other than Consultify, including account administration, identity management, authentication, entitlement routing, and related account-level privacy processing.

2. Covered products

Depending on entitlement, the shared account may provide access to:

  • IRIS,
  • DBR77 IIoT interfaces and portals,
  • Digital Twin,
  • Marketplace,
  • Vector-linked interfaces,
  • Masterclass,
  • other shared-login DBR77 products or modules identified in the applicable Offer, Order Form, or SOW.

3. Account model

Unless DBR77 expressly designates an account as individual-use or limited-access, the shared account model is organization-managed. Customer administrators control invitations, seat assignment, role configuration, access reviews, and deprovisioning for their organization.

4. Relationship to product terms

The shared account system provides authentication, identity administration, and entitlement routing only. Access to the shared account does not expand a customer's license, product scope, hosting rights, data rights, usage limits, or commercial entitlements beyond the applicable product-specific terms and commercial documents.

5. Information processed for shared login

Shared login data may include:

  • user identity and business contact details,
  • organization membership and tenant affiliation,
  • role, seat, and administrator assignment data,
  • login timestamps, device and browser metadata, and IP address,
  • MFA events, session identifiers, and sign-in history,
  • security, fraud-prevention, and access-review logs.

6. Purposes

DBR77 uses this account-level data to:

  • authenticate users,
  • provision access to entitled products and modules,
  • manage account security and administrator controls,
  • prevent fraud, abuse, and unauthorized access,
  • maintain auditability of account actions,
  • comply with legal and security obligations.

7. Roles of the parties

DBR77 generally acts as controller for shared-login identity administration, authentication security, billing-linked entitlement routing, and account audit logs.

The customer's organization and its administrators remain responsible for deciding which users should receive access, which roles are appropriate, and when access should be revoked.

8. Administrator responsibilities

Customer administrators must:

  • ensure that only authorized users are invited and provisioned,
  • maintain accurate user and role assignments,
  • promptly remove or disable access for departed, suspended, or unauthorized users,
  • avoid shared credentials,
  • supervise contractor, advisor, consultant, and integrator access,
  • ensure that each user is authorized to act on behalf of the organization where applicable.

9. User responsibilities

Each user must protect their credentials, use the account only for authorized business purposes, and comply with the applicable product terms, AI policy, and acceptable-use rules.

10. Shared controls

DBR77 may enforce centralized authentication, session, password, MFA, SSO, audit, fraud-prevention, and abuse controls across the shared account stack.

11. Sharing and retention

Shared-login data may be shared internally with personnel and service providers who support identity, hosting, security, communications, and support operations on a need-to-know basis.

DBR77 retains shared-login data for as long as reasonably necessary to operate accounts, maintain security, support customer administration, comply with legal obligations, and preserve appropriate audit trails.

12. Suspension and deprovisioning

DBR77 may disable accounts, sessions, API access, or product entitlements where reasonably necessary to address security risk, legal risk, fraud, abuse, payment issues, or access beyond the contracted scope.

13. Relationship to common policies

This document supplements the main privacy-policy.md, cookie-policy.md, and ai-policy.md. If there is a conflict on account-authentication matters, this document controls for the shared login flow.