Usage policy and terms for using DevUpdate.io
Last updated: June 10, 2026
By accessing or using DevUpdate.io ("the Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not use the Service. We reserve the right to modify these Terms at any time, and your continued use constitutes acceptance of any changes.
DevUpdate.io is a dependency tracking service that:
The Service is provided "as is" and is subject to availability and our technical capabilities.
To use DevUpdate.io, you must:
You are responsible for all activities that occur under your account. We are not liable for any loss or damage from your failure to maintain account security. Each account is licensed for use by a single individual only. Sharing account credentials or allowing multiple people to use the same account is strictly prohibited and may result in immediate account suspension or termination. If you need multiple users, please subscribe to a Team plan with appropriate seat licenses.
Profile Field Integrity: You agree that your username, display name, and any other profile fields will not contain URLs, advertisements, promotional content, references to unrelated products or offers, or characters intended to impersonate another user or deceive readers. Accounts with profile fields that appear to be commercial spam, phishing lures, or automated signups may be deleted without notice.
Email Verification and Inactive Accounts: Accounts created with an email and password must verify the email address before signing in. We will email you a reminder around day 4 if you have not yet verified, and accounts that remain unverified 7 days after signup are automatically deleted along with any associated data. If you miss this window, you are welcome to sign up again.
Inactive Verified Accounts: To keep the platform tidy, verified free-tier accounts that have never added a tracked source and never connected a lockfile will be automatically deleted 30 days after signup. Before deletion we will send up to five reminder emails (around day 2, 5, 10, 20, and 27) inviting you to add a source or to share feedback about what you are missing; the day-27 message is an explicit warning that deletion is imminent. Adding a single source or lockfile at any point, upgrading to a paid plan, or joining a team removes your account from this cleanup cohort. After deletion we send a final notification to the address on file. If your account is deleted under this policy, you are welcome to sign up again.
Team Membership:Team members receive access through invitation from team admins or owners. Each team member must have their own individual account - team membership does not create a shared account. Team membership does not grant ownership of the team subscription; all billing and ultimate team control remains with the team owner. You must comply with the team's usage policies and the team owner's instructions regarding appropriate use of the Service.
Session Limits: To prevent account sharing and ensure security, each account is limited to a maximum of 3 concurrent active sessions. When you log in on a new device and exceed this limit, the oldest session will be automatically invalidated. A session represents an active login on a specific device or browser.
You agree NOT to:
Violation of this policy may result in immediate account suspension or termination.
The free tier (Hobbyist) allows monitoring of up to 100 tracked sources and 1 lockfile. We reserve the right to adjust these limits or introduce paid plans in the future.
Usage is not unlimited on any plan. We expect reasonable use of our Service based on typical customer usage patterns. Excessive usage that may strain our infrastructure includes:
We reserve the right to throttle, rate limit, or restrict accounts that exceed reasonable usage levels. Users with legitimate high-volume needs should contact us to discuss custom arrangements or pay-as-you-go overage options.
DevUpdate.io does notclaim to provide a comprehensive archive of a tracked source's entire release history. When you add a source for the first time, we perform an initial backfill of only the 3 most recent releasesas reported by GitHub at the time the source is added. This limit exists to keep onboarding fast and to respect GitHub's API rate limits.
After the initial backfill, we track all new releases going forwardfrom the point the source was added to your account. Releases published before the 3-release backfill window will not be retroactively imported, even if you upgrade your plan.
If you require historical release data beyond this window, please consult the upstream GitHub releases page directly. We reserve the right to adjust the backfill limit at any time based on operational constraints.
Our analysis depends on GitHub's API. When we encounter rate limits, analysis may be delayed or incomplete. This is outside our control and not a breach of service.
DevUpdate.io offers paid subscription plans (Professional, Team) with additional features and limits. By subscribing to a paid plan, you agree to:
See the Plans docs for current per-tier pricing and feature comparison.
Most paid work on DevUpdate.io — generating per-user digests and release-intelligence summaries — consumes credits. One credit represents approximately 1,000 normalized tokens of LLM processing, with output tokens weighted more heavily than input tokens to match LLM-provider pricing.
Each tier includes a credit allotment per billing period:
Included credits reset at the start of each billing period and do not roll over. Shared infrastructure work (for example, a release summary first computed for one user and reused by others) is generally not charged against your included credits. One exception applies: when you are the first user to track a source that has no deterministic parser, the one-time AI extraction and the initial release summaries generated for it are billed to your account. The exact operations that consume credits are listed in the Credits & Overage docs.
EU 14-Day Right of Withdrawal: If you are a consumer established in the European Union, the Consumer Rights Directive gives you 14 days from the conclusion of your initial subscription contract to withdraw without giving any reason. This right applies to your first subscription payment; it does not apply to automatic renewal payments or to additional seats added to a Team plan mid-cycle.
Express Consent to Immediate Performance: Because DevUpdate.io consumes AI credits the moment you run a digest or release-intelligence summary, we ask you to expressly confirm at checkout that you want us to begin providing the paid service immediately. By ticking the consent box in the pre-checkout dialog, you acknowledge that if you exercise your right of withdrawal within the 14-day window after you have started using your included credits, your refund will be reduced proportionally to the credits you have already consumed.
Pro-rata Refund Formula: If you withdraw within the 14-day window, we refund your initial subscription payment multiplied by the proportion of your included credits that were still unused at the moment you request the refund:
refund = original payment × (1 − credits_used ÷ credits_included)
Examples: if you used 0 credits you receive 100 % of your payment back; if you used 30 % of your included credits you receive 70 % back; if you have fully consumed your included credits no refund is due under this formula. You can see the exact amount you would receive at any time in Settings → Subscription → Request Refund, which displays a live preview before you confirm.
Usage-based Overage Charges: Any metered overage credits you consume beyond your included allotment are billed at the per-credit rate shown on our pricing page at the time of consumption. These post-paid consumption charges are not part of the initial subscription payment and are not refunded under the right of withdrawal. Wallet top-ups and any auto-recharges are likewise consumed immediately on purchase and are non-refundable under the right of withdrawal.
How to Withdraw:The fastest way is to go to your account settings and click the "Request Refund & Cancel" button, which issues the cancellation and refund in a single step. Alternatively, you can contact our payment processor PayPro Global directly or email us at info@devupdate.io. We will process the refund via PayPro Global without undue delay; the payout typically appears on your statement within 5–10 business days.
After the 14-Day Window: Once the 14-day right of withdrawal has expired, subscription payments become non-refundable. You may cancel at any time to prevent future charges, in which case your subscription remains active until the end of the current billing period and is then downgraded to the Hobbyist tier.
Free Tier Available: A free Hobbyist tier is available to evaluate the service before committing to a paid plan. We strongly encourage all prospective customers to use it first.
When your included credits are exhausted before the period ends, billable AI work pauses. You can resume immediately by purchasing additional credits, or wait for the next billing period when your included credits reset.
Wallet top-ups. Additional credits are purchased through your wallet at €0.002 per credit (equivalent to €2 per million tokens). Top-ups are charged via PayPro Global in amounts between €1 and €500 and include progressive volume discounts at €50 (5%), €100 (10%), and €150 (15%) thresholds. Purchased credits stack with your included allotment and do not expire. Wallet top-ups are consumed immediately on purchase and are non-refundable.
Optional auto-recharge. You can opt in to auto-recharge in Settings → Wallet to keep working without manual top-ups. When enabled, your wallet automatically tops up via PayPro Global when its balance falls below a threshold you choose (€1–€25), refilling to a target you choose (€5–€100). Auto-recharge is opt-in only and off by default. Safety controls include a minimum 5-minute cooldown between charges and an automatic disable after 3 consecutive failed payment attempts. You can change or turn off auto-recharge at any time from Settings → Wallet; charges already initiated before you disable are not reversed.
You may cancel your subscription at any time from your account settings or through the PayPro Global customer portal. Upon cancellation, your subscription remains active until the end of your current billing period. After this period ends, you will be automatically downgraded to the Hobbyist (free) tier.
Team subscriptions include multiple seats for team members. The team owner is responsible for all billing and member management. When a team subscription ends or is cancelled, all team members lose access to team features and are downgraded to the Hobbyist tier.
Credit pooling: AI credits on a Team plan are pooled across all seats (5,000 included credits per seat per month of the billing period). All member usage — digests, release-intelligence summaries — draws from this shared pool. Overage and wallet top-ups on a Team plan are billed to the team owner.
Seat Management: Team plans start with 5 seats. You may add additional seats at any time at €12/month per seat or €10/year per seat. Seat billing is flexible - you can add monthly seats to a yearly plan or vice versa. Each additional seat is billed independently according to its billing period (monthly or yearly).
When you add a seat to an existing subscription:
When you remove a seat, that team member immediately loses access. The seat remains paid through the end of its current billing period but will not auto-renew. No refunds are provided for partial billing periods.
Team subscriptions use a role-based access control system with three types of roles:
Ownership Transfer: Team ownership can be transferred to another admin at any time by the current owner. Ownership transfers are permanent and cannot be reversed. The previous owner remains as a team admin but loses owner privileges. Ownership transfers do not affect billing - the new owner assumes all billing responsibilities.
Member Removal and Leaving: When a member is removed from the team or chooses to leave, they immediately lose access to all team features and are downgraded to the Hobbyist tier. Their individual account and personal data remain intact. Removed members can be re-invited if seats are available. The system prevents removal of the last admin to ensure teams always have management.
Liability and Responsibility: Team owners and admins are responsible for managing team access appropriately. You may be held liable for actions taken by team members you invite or grant admin privileges to, including but not limited to violations of these Terms, unauthorized access, or misuse of the Service. Ensure you only invite trusted individuals and regularly review team membership.
Each subscription plan includes reasonable usage limits based on typical customer usage patterns. Usage is not unlimited. Factors that affect your usage include:
We reserve the right to throttle or restrict service for accounts that significantly exceed normal usage patterns or negatively impact system performance. AI-credit overage is handled via the wallet and (optionally) auto-recharge described in §6.4. For infrastructure-level limits that cannot be addressed through credit top-ups, contact us to discuss custom arrangements.
We reserve the right to change subscription prices with at least 30 days notice. Price changes will take effect on your next billing cycle. Existing subscriptions will be honored at their current price until renewal.
Professional and Team subscribers may generate API tokens from Settings → API to access your tracked sources, releases, and analysis programmatically. Tokens carry the same access scope as your account; treat them like passwords. Sharing an API token with anyone outside your account (or, on a Team plan, outside the seats you are authorized to grant access to) violates §3 (Account Registration and Security). We store only a hash of the token; if you lose a token you must rotate it. Revoking a token from Settings → API invalidates it immediately.
The MCP server is available on Professional and Team tiers. It exposes the same data accessible via API token over the Model Context Protocol so that compatible AI clients can query your tracked sources, summaries, and risk data on your behalf. It is offered in two forms: a hosted endpoint operated by us at api.devupdate.io, and a self-run (stdio) server. The same usage limits, acceptable-use restrictions, and credit metering apply to MCP-driven requests as to direct API requests, regardless of form.
The hosted endpoint authenticates via your API token or via OAuth: third-party AI clients may request access, which you grant on an explicit consent screen and may revoke at any time from Settings → Connected AI Clients. Authorized clients receive narrowly scoped credentials limited to reading your tracked-source and available-upgrade data and dismissing upgrade notices; they act on your behalf, and you are responsible for the clients you choose to authorize. We may suspend an OAuth client's access where we reasonably suspect abuse.
The Service, including its design, features, text, graphics, and software, is owned by DevUpdate.io and protected by copyright, trademark, and other intellectual property laws. You may not copy, modify, or distribute our content without permission.
You retain ownership of data you provide (tracked-source URLs, lockfiles, account information). By using the Service, you grant us a limited license to process this data to provide our services.
AI-generated summaries and analysis are created by our systems. You may use this content for your internal purposes but may not resell or redistribute it as a service to others.
Public AI-generated content (source explorer). Source descriptions and meta-summaries shown on /explore and on public source detail pages are generated by a large language model from publicly available metadata (e.g. README excerpts for GitHub sources, page excerpts for non-GitHub sources, and our own release-summary history). This content may be inaccurate, incomplete, outdated, or misleading. It is provided for discovery and orientation only and must not be relied on as an authoritative description of any third-party project.
No affiliation or endorsement. DevUpdate.io is not affiliated with, endorsed by, or representative of the source/repository owners or their projects. The presence of a source on the explorer does not imply any relationship between DevUpdate.io and the project, its maintainers, or any other third party.
Correction and removal. Source/repository owners (and anyone with a legitimate interest) may request correction or removal of an AI-generated description or meta-summary by emailing info@devupdate.io. We will act on legitimate requests within a reasonable timeframe.
DevUpdate.io integrates with third-party services:
These services have their own terms and privacy policies. We are not responsible for third-party service availability, security, or compliance.
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:
DevUpdate.io is an informational tool, not a guarantee. You are solely responsible for decisions about updating dependencies and must perform your own testing and validation.
TO THE MAXIMUM EXTENT PERMITTED BY LAW, DEVUPDATE.IO AND ITS OPERATORS SHALL NOT BE LIABLE FOR:
OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT YOU PAID US IN THE 12 MONTHS PRIOR TO THE CLAIM (CURRENTLY €0 FOR FREE TIER USERS).
You agree to indemnify and hold harmless DevUpdate.io, its operators, and affiliates from any claims, damages, losses, liabilities, and expenses (including legal fees) arising from:
You may delete your account at any time from your settings page. Account deletion is permanent and irreversible.
We may suspend or terminate your account immediately, without notice, if you violate these Terms, engage in fraudulent activity, or misuse the Service. We may also discontinue the Service at any time with reasonable notice.
In particular, we may delete, without individual notice: (a) accounts that fail to verify their email address within 7 days of signup; (b) accounts created by automated tools, scripts, or bots; and (c) accounts whose profile fields contain URLs, advertisements, promotional content, or other material that violates §3 or §4. These deletions may occur automatically as part of routine operations.
Upon termination, your right to use the Service ceases immediately. Data deletion follows our Privacy Policy procedures.
We reserve the right to modify, suspend, or discontinue any part of the Service at any time, with or without notice. We may also change pricing, features, or limits. We are not liable for any modifications or discontinuation of the Service.
These Terms shall be governed by and construed in accordance with the laws of Germany, without regard to its conflict of law provisions. Any disputes arising from these Terms or use of the Service shall be subject to the exclusive jurisdiction of the courts in Germany.
If any provision of these Terms is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.
These Terms, together with our Privacy Policy, constitute the entire agreement between you and DevUpdate.io regarding use of the Service, superseding any prior agreements.
The Service lets you generate a public link to an individual release summary. By creating such a link, you acknowledge and agree that:
If you have questions about these Terms, contact us:
By using DevUpdate.io, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service.