Terms of Service — Governance
The framework governing our compliance ledger and SDK services.
By using Mima Governance, you agree to our usage boundaries. We provide the tools to build verifiable compliance logs, while you retain ownership of your repositories and policies.
Terms & Compliance Boundaries
Review the legal boundaries governing Mima Governance integrations.
The `mima-governance` SDK, CLI binary, and local MCP server are provided under an open, developer-friendly model. You are free to run local scans, evaluate repository configurations, and run local policy test scripts without charges.
Pushing attestation records to the secure cloud database (`mima push`) and accessing the web-based posture dashboard requires a valid workspace subscription and active API keys. Keys must be stored securely.
Every compliance attestation pack compiled through the dashboard is signed using cryptographically generated keys to ensure tamper-evidence. These receipts form a verifiable audit log for external assessors.
Mima Governance acts as an instrumentation framework to collect and organize compliance evidence. Final interpretation of audit readiness and statutory compliance remains the sole responsibility of the client.
"We provide the math and the ledger. You write the code and manage the rules."