← The Boring DepartmentService Terms · May 2026
§ 00Service Terms · effective May 2026

Boring contracts.

What's in your monthly fee — and what isn't. This document defines exactly what you get for each TBD app: the Service Level Agreement, your monthly Support Budget in hours, code ownership and exit rights, and the boundary between Maintenance (included) and New Features (billable add-ons). It's attached to every MSA and referenced in every support conversation.

Important — web apps only

Every TBD engagement delivers a responsive web application (accessed via a browser URL on desktop, tablet, or mobile-web). We do not build native iOS or Android apps. A native mobile app is out of scope and would be quoted separately as a new engagement.


§ 01Pricing

What each app costs.

We charge a single flat price per app, regardless of how many users your organisation has, how many sites you operate, or how complex your business is. No per-user fees, no team-size tiers, no enterprise upsells.

ItemAmount
Setup fee — standard (1st instance)S$5,000 per app — 50% on prototype acceptance, 50% on go-live
Setup fee — additional instances (same parent)S$3,500 / 3,000 / 2,750 / 2,500 floor — see Section 01A
Monthly subscriptionS$500 per app, dropping to S$450 / 400 / 350 floor at 2 / 3 / 4+ instances — see Section 01A
Add-on workS$150 per hour or S$1,000 per day — for scope beyond the app (Section 5)
Integrations & connectorsTier 0 (standard auth, included). Tiers I-1 to I-4 with setup + recurring — see Section 6
AI service (when requested)1.75× model provider token cost — see Section 6.5
In-person training sessionS$100 transport + 2 hrs × S$150/hr = S$400 per session
File storage50 GB included per app; overage S$20 per additional 50 GB / month
Database / structured dataUnmetered — your records, entries, and logs do not count toward storage

All prices in Singapore dollars (SGD), exclusive of GST. There are no per-user fees, no team-size tiers, and no enterprise upsells.

§ 01aWhat counts as one app

One workflow, one price.

A single price needs a clear unit of delivery. We define one app as one workflow. A workflow is bounded by three things:

  • One business outcome. Finish the sentence "this app exists so that [X happens]" with a single outcome. If it takes two sentences, you have two workflows.
  • One primary decision-maker. The role that produces the workflow's main decision. Different decision-makers → different workflows.
  • One coherent user base. All users serve the same outcome, even if they have different access levels (admin, manager, contributor). External users (customers, the public) are a different base.

Inputs from and outputs to other systems are integrations (Section 6). Neither makes the work a new app.

Worked examples

ScenarioApp countWhy
One workflow with multiple internal roles (admin · manager · contributor)1 appSame outcome, same primary decision-maker, all internal users
Same workflow across multiple sites or branches (shared database, shared rules)1 appMulti-site is configuration. Locations become a data field.
Two distinct workflows for the same client (e.g., ops management + customer engagement)2 appsDifferent outcomes, different decision-makers, often different user bases
Your workflow pulls data from a third-party system you already operate1 app + integrationWe consume data; the third party owns the upstream workflow. See Section 6.
Workflow A + Workflow B, both built by TBD (e.g., scheduling + inventory)2 appsDifferent decisions, different decision-makers
Coordination workflow with multiple participant types, all serving one outcome1 appMultiple user types within one workflow is fine if all serve the same outcome
Parent organisation + subsidiary needing separate user pools and data isolation2 appsDifferent organisations, different data perimeters
Add a third-party service integration (email, calendar, payroll, messaging) to an existing app1 app + integrationIntegration only — priced per Section 6 tier I-1 to I-4 by complexity
Internal operations app + customer-facing portal for the same client2 appsDifferent user bases (employees vs customers) = two workflows
Same workflow but regulation forces strict data isolation (e.g., by jurisdiction)2 appsSeparate databases = separate apps even if logic is identical

Soft scope guidelines

Within one app, the following are indicators that an additional ask might be approaching a separate workflow:

  • More than 3 distinct user roles
  • More than ~12 distinct screens or views
  • More than ~10 core data entities
  • More than ~5 standard reports or exports

These aren't hard ceilings. If your app keeps growing inside these bounds, it's New Feature work (Section 5). If it materially exceeds them, we'll discuss splitting into a second app at the multi-instance pricing tier described in Section 01A.

§ 01AMultiple instances

More instances, lower unit price.

When the same parent organisation deploys the same app pattern across multiple operational instances — for example, a hotel group rolling out a rostering app across 4 restaurants, each with its own roster, staff list, and schedule — TBD applies a tiered discount on both setup and monthly recurring. The more instances under one parent, the cheaper it gets for all their instances, up to a defined floor.

What counts as a separate instance

  • Same app pattern, DIFFERENT operational data (separate rosters, separate staff lists, separate decision-makers per location) = separate instance.
  • Same app pattern, same operational data, more users = NOT a new instance (covered by base subscription).
  • Different workflow (different data model or business rules) = NOT multi-instance; it's a separate app at full standard pricing.

Setup fee tier (per added instance under same parent)

InstanceSetup feeDiscount
1st (anchor)S$5,000standard
2ndS$3,50030% off
3rdS$3,00040% off
4thS$2,75045% off
5th+ (floor)S$2,50050% off — applies to all subsequent instances

Monthly recurring tier (applied to all instances)

When instance count grows, the monthly recurring rate drops across every instance on the next billing cycle. The gradient applies to the subscription AND to integration recurring fees (Section 6 tiers I-1, I-2, I-3 monthly portions). The AI service fee (Section 6.5) is exempt and stays at 1.75× model cost regardless of instance count.

InstancesMonthly per instanceApplied to
1S$500 (100%)the single instance
2S$450 (90%)all 2 instances
3S$400 (80%)all 3 instances
4+ (floor)S$350 (70%)all 4+ instances

Worked example — 4 instances under one parent

  • Setup: S$5,000 + S$3,500 + S$3,000 + S$2,750 = S$14,250 (paid as each instance goes live).
  • Monthly subscription: 4 × S$350 = S$1,400 (re-priced when the 4th instance went live).
  • If each also has an I-2 integration: monthly integration recurring also at 70% — 4 × S$70 = S$280. Total monthly: S$1,680.

Re-pricing trigger

When the instance count under your corporate parent changes (up or down), the monthly recurring re-prices at the new tier on the NEXT billing cycle. Not retroactive, not mid-month. Setup fees for each instance are paid once at that instance's go-live, at the tier rate in effect for that instance number in the sequence.

Cross-organisation clause

The multi-instance tier applies to one corporate parent — defined by ownership or billing entity. Sister entities, separate companies under shared management, or external organisations cannot piggyback on a customer's tier. Each corporate parent's instance count is calculated independently. Multi-entity discounts require a separate Master Engagement covering all entities.

What stays out of the tier

  • Setup fees are tier-priced at the moment of go-live and not retroactively re-tiered.
  • One-time add-on work (hourly, day-rate) stays at standard S$150/hr or S$1,000/day.
  • Integration setup fees stay at Section 6 tier prices (recurring portion is the only thing that gets the gradient discount).
§ 01bProject phases & sprint cadence

From discovery to handoff.

Every engagement runs through four phases. The first three are wrapped into the setup fee. The fourth is when the monthly retainer begins. Iteration is time-boxed by sprints so it cannot become infinite, but flexible by sprint count so it accommodates real prototyping needs.

Phase 01 — Talk (45-minute discovery)

Free, no commitment. We figure out whether we are a fit. If yes, we send a Statement of Work within 2 business days.

Phase 02 — Build MVP (1–3 weeks)

Most apps deploy in 2 weeks. Simple apps (one role, basic data model) land in 1 week. Apps with custom logic — solvers, complex business rules, deep integrations — can take 3 weeks. Your SoW specifies the expected timeline before work begins. We ship the smallest working version of your app — deployed where you can use it, with your real data and real users. Sprint 0 begins as soon as the MVP is in your hands.

Phase 03 — Iterate (up to 4 sprints, each 1 week)

  • Cadence. 1 weekly check-in (30 min) + agreed changes shipped by end of week.
  • Included. Up to 4 sprints of guided iteration are included in your setup fee. Most clients converge in 1–2 sprints.
  • Overflow. Additional iteration sprints are billed at S$1,000 per sprint (one day of TBD time), in advance. We flag overflow at the end of Sprint 3 so you can decide.
  • Hard cap. Iteration ends after 8 sprints total. Beyond that, the engagement must go live, be paused, or be re-scoped as a new SoW.
  • What counts as iteration. Tweaks to the MVP within original scope — copy, layout, validation, small UX. Anything that adds new features or workflows is New Feature work (Section 5) and billed separately.

Phase 04 — Handoff (Day One of monthly retainer)

You sign off. The app goes live for production use. The monthly subscription begins on this date and bills monthly in advance. From here, ongoing changes are governed by the Support Budget (Section 3) and the Maintenance vs New Features boundary (Section 5).

End-to-end timing. Realistic full-engagement timing from SoW signature to handoff: 2–7 weeks depending on app complexity. Assumes the Client meets the response-time obligations in Section 12.

§ 02Service Level Agreement

Response, uptime, channels.

These are the response and uptime commitments that come with every app. They're real promises — if we miss them, the credit policy in Section 7 applies.

CommitmentStandard for every app
Email first-responseWithin 1 business day
Critical bug fix (P0 / P1)Within 2 business days
Uptime target99.5% monthly
Communication channelEmail (priority queue for active clients)
Hours per support sessionMax 2 hours per ticket — larger work scoped as Add-on
Quarterly reviewOn request, no charge

How we categorise issues

  • P0 — Critical. App is down or the workflow's primary action is fully broken (it cannot complete its main business outcome). We start work immediately during business hours; out-of-hours is best-effort.
  • P1 — High. Major feature broken but workarounds exist. SLA timeline applies.
  • P2 — Normal. Minor bug, cosmetic issue, or non-urgent change. Fixed within the monthly Support Budget.
  • P3 — Low. Nice-to-have, question, or general feedback. Addressed when capacity allows.

Business hours are Monday–Friday, 9am–6pm Singapore time (SGT), excluding Singapore public holidays. "Business days" follow the same calendar.

§ 03Support Budget

Your monthly hour bank.

Every app comes with 4 hours of support time per calendar month, regardless of org size. This covers any Maintenance-class work (Section 5) that takes more than 30 minutes.

  • Per app: 4 hours per calendar month.
  • Multiple apps: each app has its own 4-hour budget. A client with 3 apps has 12 hours of support per month.

What counts against the Support Budget

  • Any Maintenance work (Section 5) that takes more than 30 minutes.
  • Configuration changes you ask us to make on your behalf (e.g., adding a new user, importing a CSV).
  • Triage time for bugs that turn out to be user error or third-party issues (e.g., a Replit outage).

What does NOT count

  • Bug fixes for defects we caused — always free.
  • Security patches, dependency updates, server maintenance.
  • Uptime monitoring and backup restoration.
  • First-response triage and ticket acknowledgement.
  • Quarterly review meetings (on request).

Rollover and overflow

  • No rollover. Unused hours expire at month-end. Keeps support predictable for both sides.
  • Overflow billed at standard add-on rates: S$150 per hour, or S$1,000 per day (≥ 6 hours of contiguous work). We always quote and get written approval before billable work begins.
  • Top-up any time. Pre-pay an additional 5-hour block for S$650 (S$130/hr — 13% discount on the hourly rate).

Capacity disclosure

TBD is a small studio. When existing-client Support Budget commitments approach our deliverable capacity, TBD reserves the right to (a) decline new app engagements until capacity is rebuilt, or (b) onboard additional engineering capacity. We will not allow new sales to dilute the Support Budget already promised to existing apps. If you ever feel your support is being de-prioritised, raise it in your monthly check-in and we will surface our capacity position directly.

§ 04Data storage, exports & retention

What's stored, what's capped, what's exportable.

Every app comes with a generous file-storage allowance for the kinds of files most clients upload — PDF rosters, signed timesheets, ID photos, expense receipts, signed forms.

Storage allowance per app (file storage only)

"File storage" means uploaded files — PDFs, images, signed documents, scanned forms (technically: Replit Object Storage). It does NOT mean database row-data, which is uncapped and unmetered.

  • Per app: 50 GB of file storage included, regardless of org size.
  • Multiple apps: each app has its own 50 GB allowance. Allowances do not pool across apps.

Database (structured data) — uncapped

Staff records, shift entries, attendance logs, roster history, calculated hours, audit trails — all the structured data your app reads and writes — is unmetered and uncapped. A typical client uses well under 1 GB even after multi-year operation, so we don't bother imposing a limit.

Overage rule (file storage only)

If you exceed your file-storage cap, additional storage is billed automatically at S$20 / month per extra 50 GB. We notify you at 80% of cap so you can plan ahead. There is no cap or overage on database data.

Data exports — built into the app

Every app TBD ships includes an "Export Data" function in the admin dashboard. One click generates a .csv (or .xlsx where relevant) of any table you can see in the UI — staff, rosters, shifts, timesheets, payroll exports. This is part of the build, not a billable feature.

  • Free, unlimited, available 24/7.
  • Runs client-side from the database — no support ticket required.
  • Includes a date-range picker so you can pull just what you need.
§ 05Maintenance vs New Features

The boundary, in examples.

Every support request is classified as either Maintenance (covered by your monthly fee) or a New Feature (billable add-on). The table below is the canonical reference. If something genuinely sits in a gray area, we'll discuss before doing the work.

Maintenance — included in monthly feeNew Features — billable add-on
Bug fixes (defects against agreed scope)New fields, tables, or entity types
Security patches and dependency updatesNew screens, pages, or workflows
Hosting, uptime monitoring, daily backupsIntegrations with new third-party tools (Stripe, calendar APIs, payroll systems, etc.)
User account help (password resets, basic how-to)Data migration from legacy systems
Copy / label / error-message changes (each < 30 min)New reports, dashboards, or export formats beyond original spec
Adjusting existing dropdowns, date ranges, or filter optionsMajor UX redesigns
Updating existing reports' time periodsPerformance work beyond standard hosting tier
Fixing broken calculations or logic against specChanging calculation logic to new business rules
Browser / mobile-web responsiveness fixesNative iOS / Android app build — out of scope (see Section 19)
Routine documentation updatesNew API endpoints beyond original spec
Monitoring existing integrations; fixing what TBD brokeUpstream third-party API change breaks an integration — remediation is billable (see Section 6)

The 30-minute rule

Any change that takes less than 30 minutes to ship and doesn't add new functionality is treated as Maintenance, even if it could technically be argued either way. Small kindness costs us nothing and builds trust.

Gray area worked examples

Example requestClassification
Add a new option to an existing dropdownMaintenance (included)
Add a new dropdown to an existing formNew Feature (billable)
Rename a column header on a reportMaintenance
Add a new calculated column to a reportNew Feature
Fix a roster calculation that's wrong against specMaintenance
Change the roster calculation to use a new pay ruleNew Feature
Adjust a notification email's wordingMaintenance
Send notifications via SMS instead of emailNew Feature
Add a second location's data to an existing reportMaintenance (if same schema)
Support a second organisation with separate dataNew Feature (multi-tenant)

How we handle ambiguous requests

  • Step 1. We acknowledge within the SLA window and classify it.
  • Step 2. If Maintenance, we do it (charging against Support Budget if > 30 min) and confirm when done.
  • Step 3. If New Feature, we send a written scope + quote within 2 business days. Work begins only on your written approval.
  • Step 4. If we disagree on classification, we discuss. The 30-minute rule and the table above are the tiebreakers.
§ 06Integrations

Connecting your app to other systems.

Connecting your app to other systems your team uses — Outlook, Google Workspace, Xero, your payroll provider, Slack, custom hardware — is one of the most common requests and the most variable in cost. Every integration is its own scoped add-on, priced by complexity tier.

The four integration tiers

  • I-1 — Light (S$500–1,000 setup, no ongoing fee): one-way data push via standard OAuth or webhook. Slack channel notifications, Google Sheets sync, Discord alerts, basic Zapier triggers.
  • I-2 — Medium (S$1,500–3,000 setup + S$50/mo): two-way sync with one system, custom field mapping, standard auth. Outlook/Google Calendar sync, Xero invoice export, payroll CSV export (Talenox, HReasily, JustLogin), Mailchimp, Stripe payment links.
  • I-3 — Heavy (S$4,000–8,000 setup + S$100–200/mo): multi-system or real-time bidirectional sync, custom auth scopes, dedicated retry/monitoring. Microsoft 365 deep integration (Outlook + Teams + SharePoint via Graph API), Salesforce, SAP payroll, MS Entra ID / Azure AD SSO.
  • I-4 — Bespoke (quoted per engagement, typically S$8,000+): hardware integrations, legacy systems, government submission systems, novel work requiring discovery. NFC time clocks, biometric readers, IRAS / MOM / CPF submissions, custom ERP gateways. Each I-4 engagement begins with a paid discovery phase.

How we scope an integration

  • You tell us the system you want to connect (e.g., "sync rosters to our Outlook calendar").
  • We return tier, fixed setup price, and ongoing monthly fee within 2 business days.
  • If approved, we add it as an Integration Addendum to your SoW. Work begins on 50% deposit (I-2 and above).
  • Each integration is signed off as a separate deliverable with its own acceptance test.

Ongoing maintenance fee — what it covers

Once an integration is live, its monthly maintenance fee covers routine monitoring, our normal dependency updates, and TBD's labour to fix anything we break with our own changes. It does NOT cover changes the third-party system makes on their end.

Upstream API changes — billable, not maintenance

  • Why this matters. Microsoft changes Graph API scopes every few quarters. Google deprecates auth flows. Xero updates endpoints. Any of these can break a working integration through no fault of TBD.
  • Classification. If a third-party API change breaks an existing integration, updating for the new API is a New Feature (S$150/hr or S$1,000/day), not Maintenance — even if it was working perfectly the day before. The monthly maintenance fee may be re-quoted upward if the underlying complexity has materially increased.
  • What we do for free. We proactively notify you within 5 business days of becoming aware that an upstream change will affect your integration, and provide a fixed-price quote to remediate. We do not silently absorb the cost.

Client responsibilities for integrations

  • You hold and pay for third-party service accounts (your Microsoft 365 licence, Xero subscription, Zapier seat — TBD does not proxy or resell).
  • You provide admin consent for any OAuth permission scopes we request, in writing, before integration work begins.
  • You keep credentials / API keys valid. If a credential expires, TBD will notify you but the integration may be unavailable until you rotate it. Triage time for expired credentials counts against your Support Budget.
  • You inform TBD before changing any third-party service plan that affects integration permissions.

Integrations we will not take on

  • Anything that touches payment card data (PAN/CVV) — would put your app in PCI-DSS scope.
  • Anything that touches PHI under MOH SG or HIPAA — out of standard scope.
  • Integrations to vendors with hostile or undocumented APIs (we'll tell you upfront).
  • Cross-jurisdiction integrations requiring new data-protection registrations — possible but scoped separately.
§ 06.5AI service

Pay-as-you-go, opt-in per app.

When an app needs AI features — summarisation, classification, extraction, chat, embeddings — we bill the model provider's token cost with a flat 1.75× markup. The markup covers prompt engineering time on our side, per-request logging, guardrails, and the operational overhead of managing a shared provider account on your behalf.

How it works

  • Opt-in per app. AI is never enabled by default. You confirm in writing before we turn it on.
  • Provider passthrough. We use mainstream providers (OpenAI, Anthropic, Google) unless you specify. You are billed only for tokens your app actually consumes.
  • Monthly reconciliation. Usage is invoiced monthly in arrears, itemised by model and endpoint, with a link to the raw usage log.
  • Spend cap. Every AI-enabled app has a monthly spend cap you set. We alert at 80% and pause AI features at 100% until you raise the cap.
  • No instance-count discount. The 1.75× multiplier applies uniformly regardless of how many instances you run (see Section 01A).

What the markup does not cover

  • Building the AI feature itself — that's New Feature work (Section 5), scoped and billed like any other build.
  • Fine-tuning, custom model hosting, or dedicated capacity — quoted separately.
  • Retrieval infrastructure beyond standard Postgres + pgvector — quoted as an integration (Section 6).
§ 07SLA credit policy

If we miss, you're credited.

If we miss an SLA commitment in any given month, you're entitled to a service credit on the following month's invoice.

  • First-response missed: 5% credit per missed ticket, capped at 25% of monthly fee.
  • Critical bug fix missed: 10% credit per overrun day, capped at 50% of monthly fee.
  • Uptime missed: Credit = (target % − actual %) × 5, capped at 50% of monthly fee. Example: target 99.5%, actual 98.5% → 5% credit.

Credits are not cash refunds. They apply to your next monthly invoice. To claim, email us within 14 days of the missed SLA with the relevant ticket numbers.

§ 08Code ownership & exit

What you own, what you get on exit.

What you own from day one

  • Your source code lives in a private GitHub repository under your account, with TBD as a collaborator. You own the IP from go-live.
  • Your data is stored in a PostgreSQL database on Replit's infrastructure (powered by Neon). Exportable as CSV at any time via the in-app Export Data function.

What happens when you cancel

Cancellation requires 30 days' written notice. On your exit date we provide a free "Fork & Dump" handover at no cost:

  • Step A — Code. Create a free Replit and free GitHub account on your side. We push the repo to your GitHub or let you fork the Repl. The code is yours.
  • Step B — Data. We run a standard pg_dump and email you the resulting .sql file. Every row of your historical data.
  • Step C — Goodbye. You receive the codebase and the .sql backup. Best of luck. No exit fee.

What we don't include for free

Once we hand over the .sql file, our free obligation ends. The database itself is tied to TBD's Replit account — you can't keep using our live database. To get your app running independently you'll need to:

  • Provision your own Replit Postgres database (or Supabase, AWS RDS, Neon — your choice).
  • Import the .sql dump into that new database.
  • Update your app's database connection string and redeploy.
  • Take over hosting, monitoring, and ongoing maintenance.

Optional: one-time migration service. If you'd rather not deal with the database migration yourself, we offer a fixed-price migration: S$1,200 one-time. We provision your new database, import your data, deploy the app to your account, hand you working credentials, and disconnect from our retainer. Typically a one-day engagement.

What we keep, what we delete

  • Your data — fully deleted. Within 60 days of termination we permanently delete all your personal data, business data, file uploads, database backups, and any copies stored in our infrastructure.
  • Your code — we retain a snapshot. TBD keeps an internal archived copy of the codebase as it existed at termination — for portfolio, dispute resolution, and to inform our internal primitives library. Your fork (in your GitHub) remains entirely yours.
  • What we won't do with retained code. We won't reuse your specific business logic, branding, proprietary workflows, or client-confidential identifiers in another engagement without your written permission. Generic patterns (e.g., how a multi-shift rostering UI typically works) may inform our internal library — same way any agency learns from past work.

Most clients keep the monthly retainer because S$500/mo is cheaper than hiring an IT person to maintain their own deployment. The fork-and-dump option exists so the choice is yours, not ours.

§ 09Security, compliance & infrastructure

What we own, what Replit / Neon own.

There's a clear split between what we're responsible for and what our infrastructure provider (Replit, plus Neon for the database layer) is responsible for. Knowing this split matters before you sign.

What Replit / Neon handle (we're not liable)

  • Physical data centre security.
  • Network-level security: firewalls, DDoS protection, intrusion detection.
  • Operating-system patching on the servers your app runs on.
  • PostgreSQL database engine security and patching.
  • Platform-level compliance certifications (Replit / Neon's SOC 2, ISO 27001, etc.).
  • Backup infrastructure (Neon's continuous database backups).

If a breach originates at the Replit or Neon platform layer, TBD is not liable. The sub-processors' own terms govern their liability for such events.

Sub-processor terms & links

You acknowledge and agree to the following sub-processor terms, reviewable in full at the URLs below:

Practical reality of sub-processor recourse

TBD is the contracting customer of Replit and Neon, not you. In the event of a sub-processor breach affecting your app: (a) TBD's recourse is against Replit or Neon under their respective terms, capped as above; (b) any sums TBD recovers will be applied first to remediation work for your app, and any surplus passed through to you; (c) your own claim against TBD is governed by the liability cap in Section 13. Consider whether your own cyber-liability or business-interruption insurance is appropriate for residual risk beyond these caps.

What TBD handles (we are responsible)

  • Application-level authentication and authorisation (login, password reset, role-based access control).
  • Input validation and sanitisation in the code we ship.
  • Secure coding practices — no hardcoded credentials, parameterised queries, etc.
  • Dependency hygiene: keeping libraries up to date during your active subscription.
  • Access control on your specific app's database (who in your team can see what).

Enterprise compliance (out of scope on standard engagements)

Standard TBD apps are suitable for SMEs and government units handling routine operational data (staff names, shift times, contact info). They are not pre-certified for high-compliance environments.

  • If you require ISO 27001, SOC 2 Type II for your specific app, HIPAA-grade PHI handling, PCI-DSS for cardholder data, or sector-specific certifications (banking, healthcare) — that's a separate compliance engagement. Scopeable, but billable, requires an independent assessment, and usually means moving off Replit to a hardened deployment.
  • PDPA (Singapore). Your app, as delivered, supports compliance with Singapore's PDPA for typical operational use cases. You remain the Data Controller for the personal data in your system; TBD acts as a Data Intermediary. A standalone DPA can be signed alongside the MSA on request.

Breach response

If we discover or are notified of a breach affecting your app we will: (a) notify you within 24 hours of discovery, (b) immediately investigate and mitigate at the application layer, and (c) coordinate with Replit / Neon if the breach is infrastructure-level. We do not accept liability for breaches arising from causes outside our application code.

§ 10Payment terms & invoicing

When and how we get paid.

Invoicing

  • Setup fee: 50% invoiced on contract signature; 50% on go-live.
  • Monthly subscription: invoiced on the 1st of each month, payable in advance for the coming month.
  • Add-on work: invoiced on completion. Projects above 1 day require a 50% deposit before work begins.
  • Currency: all amounts in Singapore dollars (SGD). Bank transfer or PayNow accepted. International wire fees are the client's responsibility.

Payment terms

  • Due: within 14 calendar days of invoice issue.
  • Late payment interest: 1.5% per month (or pro-rated portion) on overdue amounts, accruing daily from the 15th day after invoice.
  • Suspension: if any invoice is more than 30 days overdue, TBD may suspend service after 7 days' written notice. Suspended apps remain non-functional until all overdue amounts (including accrued interest) are paid.
  • Reactivation fee: one (1) month of subscription, in addition to the outstanding balance.
  • No work on overdue accounts: TBD will not perform support, bug-fix, or add-on work while an invoice is overdue.
  • No partial refunds: setup fees and paid-in-advance subscription periods are non-refundable except where required by law.
§ 11Acceptable Use Policy

What you can't use the app for.

Your app, built and hosted by TBD, must not be used for any of the following. We reserve the right to suspend service immediately on discovery of a violation and to terminate without refund for serious or repeat violations.

  • Illegal content or activity under Singapore law or any jurisdiction where the app is used.
  • Spam, phishing, unsolicited bulk communications, or distribution of malware.
  • Storing personal data of children under 13 (or applicable local age of digital consent) without explicit parental consent.
  • Storing payment card data (PAN, CVV, magnetic stripe) — TBD apps are not PCI-DSS scoped.
  • Storing Protected Health Information (PHI) regulated under HIPAA, MOH SG, or equivalent — TBD apps are not health-data scoped.
  • Content that infringes third-party IP, defames any person, or violates privacy laws.
  • Cryptocurrency mining, DDoS tooling, or other resource-abusive workloads.
  • Reverse-engineering, security testing, or penetration-testing of Replit's or Neon's infrastructure (you can test your own app code with prior written notice to TBD).
  • First-offence cure: for non-malicious, non-critical violations, TBD will give you 48 hours to cure before suspending. Serious violations (illegal content, infrastructure abuse) are suspended immediately.
  • Termination without refund: TBD may terminate the engagement immediately on confirmed AUP breach. No refund of setup fees or subscription paid.
§ 12Client responsibilities

What we need from you.

  • Credentials. Use strong, unique passwords. Enable MFA where supported. Don't share credentials externally. You are responsible for activity under your accounts.
  • Data accuracy. You are responsible for the accuracy, legality, and ownership of all data you input or upload to the app.
  • Regulatory compliance. You are responsible for compliance with laws applicable to your business, industry, and employees (e.g., PDPA, MOM rules for shift scheduling). The app supports your compliance but does not absolve you of it.
  • User training. One (1) onboarding session is included in setup. Beyond that, you train your own users. Additional sessions are billable at add-on rates.
  • Cooperation. Respond to TBD's reasonable requests for input, approvals, and feedback within agreed SLA windows. Delays in your response may shift project timelines without penalty to TBD.
  • Third-party services. You maintain accounts and payment with any third-party services your app integrates with (email provider, calendar APIs, payroll systems).
  • Custom domains. TBD hosts your app on a TBD-managed subdomain by default (e.g., yourapp.boringdept.app) at no extra cost. For a custom domain (e.g., roster.yourcompany.com), you bear registration and renewal costs (typically S$15–50/yr, paid to your registrar). TBD performs standard DNS setup (one A/CNAME record + SSL) as part of go-live at no charge; complex DNS work is billable as add-on.
§ 13Warranties, liability & indemnification

The legal envelope.

Warranties

TBD warrants that services will be performed with reasonable care and skill, consistent with industry standards for vibe-coded custom software development. Otherwise, services are provided "as-is" and TBD makes no other express or implied warranties, including no warranty of uninterrupted operation, error-free service, fitness for a particular purpose, or merchantability.

Liability cap

  • Aggregate cap. TBD's total aggregate liability arising from or related to this engagement (whether in contract, tort, statute, or otherwise) is capped at the fees actually paid by you to TBD in the twelve (12) months preceding the event giving rise to the claim.
  • Exclusion of indirect damages. TBD is not liable for indirect, consequential, special, incidental, exemplary, or punitive damages — including lost profits, lost revenue, business interruption, lost goodwill, or lost data beyond what is recoverable from backups.
  • Carve-outs. The cap and exclusion do NOT apply to: (a) TBD's gross negligence or wilful misconduct, (b) TBD's IP indemnification obligations below, or (c) any liability that cannot be limited or excluded under Singapore law.
  • Sub-processor exclusion. TBD is not liable for damages arising from breaches, downtime, or actions of sub-processors (Replit, Neon, or any future disclosed sub-processor). Your recourse for such matters is against the sub-processor under their own terms.

Client indemnification

You will indemnify, defend, and hold harmless TBD (including its founders, employees, and contractors) against any third-party claims, damages, losses, costs, and expenses (including reasonable legal fees) arising from: (a) content or data you uploaded to the app, (b) actions or claims of your end-users, (c) your breach of these Service Terms or any applicable law, or (d) your violation of the Acceptable Use Policy.

TBD indemnification

TBD will indemnify, defend, and hold harmless the Client against any third-party claim that TBD's original application code (excluding open-source libraries and client-directed integrations) infringes a third party's intellectual property rights, subject to: (a) prompt written notice from you, (b) TBD controlling the defence, and (c) your reasonable cooperation. TBD's sole obligations under this indemnity are to: replace or modify the infringing code, procure a licence, or refund the unamortised portion of fees paid for the infringing component.

§ 14Confidentiality & publicity

What stays private, what we can talk about.

Mutual confidentiality

Both parties acknowledge they may receive non-public information ("Confidential Information") from the other. Each party will: (a) use such information only to perform under this engagement, (b) protect it with at least the same degree of care as their own confidential information (and in no event less than reasonable care), and (c) not disclose it to third parties without the other party's written consent.

Carve-outs: Confidential Information does not include information that is (a) publicly known through no fault of the receiving party, (b) rightfully received from a third party without confidentiality obligations, (c) independently developed without use of the disclosing party's information, or (d) required to be disclosed by law or court order (with prompt notice where legally permissible).

Confidentiality obligations survive termination for three (3) years.

Publicity and references

  • TBD may name you as a client and display your name and logo on our website, pitch decks, portfolio, and similar promotional materials.
  • Case studies: TBD may publish a case study describing the work performed, subject to your reasonable review and approval (not unreasonably withheld). You may redact business-sensitive details.
  • Opt-out: you may opt out of being publicly named at any time by giving TBD written notice. Existing materials are removed within 30 days.
  • Press releases or joint announcements require mutual written approval.
§ 15Non-solicitation & non-exclusivity

The people and the studio.

Non-solicitation of TBD personnel

During the engagement and for twelve (12) months after termination, you will not directly or indirectly solicit, hire, or engage as a contractor any TBD employee, contractor, or sub-contractor with whom you had material contact during the engagement, except (a) via TBD's written placement consent (which TBD may grant subject to a placement fee equal to six (6) months of that person's TBD compensation), or (b) where that person responded to a general public job posting not specifically directed at TBD personnel.

TBD is non-exclusive

TBD is a multi-client studio. Nothing in this engagement prevents TBD from working with other clients, including in your industry or with similar use cases, provided TBD does not disclose your Confidential Information or reuse your specific business logic without permission.

§ 16Force majeure

When the world breaks.

Neither party is liable for failure or delay in performance caused by events beyond its reasonable control, including: acts of God, war, civil unrest, terrorism, pandemic, government action, natural disaster, internet or telecommunications outage, or outage / breach of any sub-processor (including but not limited to Replit and Neon). The affected party must give written notice within five (5) business days and use commercially reasonable efforts to resume performance. If a force majeure event persists beyond sixty (60) consecutive days, either party may terminate the engagement on written notice without further liability (save for fees already accrued).

§ 17Dispute resolution & governing law

If it ever gets ugly.

  • Governing law: Singapore.
  • Good-faith negotiation: before any party initiates formal proceedings, both parties will attempt to resolve disputes through good-faith negotiation between authorised representatives for at least thirty (30) days.
  • Mediation: if negotiation fails, the parties will refer the dispute to mediation administered by the Singapore International Mediation Centre (SIMC) under its rules in force at the time.
  • Courts: unresolved disputes will be subject to the exclusive jurisdiction of the courts of Singapore.
  • Costs: each party bears its own costs of negotiation and mediation. The prevailing party in litigation is entitled to recover reasonable legal fees from a frivolous or vexatious claim, at the court's discretion.
§ 18General provisions

The fine print fine print.

  • Assignment. You may not assign this engagement to a third party (including by acquisition or change of control) without TBD's prior written consent, which will not be unreasonably withheld. TBD may assign in connection with a sale of substantially all its assets or a change of control, on written notice to you.
  • Severability. If any provision is held invalid or unenforceable, the remaining provisions remain in effect, and the parties will replace the invalid provision with a valid one that achieves the same intent.
  • Entire agreement. The MSA, these Service Terms, the DPA (if signed), and any signed Statement of Work constitute the entire agreement between the parties on the subject matter, superseding all prior discussions, proposals, and agreements.
  • No waiver. A party's failure to enforce any right or provision is not a waiver of that right or provision.
  • Notices. Formal notices must be in writing and sent to the email or postal addresses specified in the MSA. Email notices are deemed delivered on the next business day after sending.
  • Counterparts and e-signature. This engagement may be signed in counterparts (including electronically via DocuSign, HelloSign, or equivalent), each of which is an original, and together constitute one agreement.
  • Independent contractor relationship. TBD is engaged as an independent contractor. Nothing in this engagement creates a partnership, joint venture, employment, or agency relationship.
  • Survival. Sections covering data export rights, code retention and exit, security liability allocation, payment obligations accrued, warranties / liability / indemnification, confidentiality and publicity, non-solicitation (12 months), dispute resolution, and these general provisions survive termination.
§ 19Out of scope

What we don't do.

  • PCI-DSS-scoped integrations. Any integration that would put your app in PCI scope is out of standard. We integrate with payment providers via tokenised redirects (Stripe Checkout, etc.), not direct card handling.
  • Integrations to vendors with hostile or undocumented APIs. We'll tell you upfront during scoping. See Section 6.
  • Native iOS / Android apps. We deliver responsive web apps only. Your app will work on a phone browser, but it's not a downloadable native app. Native is a separate engagement we'd need to quote.
  • Enterprise compliance certifications. ISO 27001, SOC 2 Type II for your specific app, HIPAA, PCI-DSS, and similar are out of standard scope. See Section 9.
  • 24/7 on-call support. We're a small team. Critical incidents during weekends or public holidays get best-effort response — no guaranteed wake-up calls.
  • Custom legal, compliance, or accounting work. We build software; we don't write your PDPA policy or your payroll calculations.
  • Training programs beyond initial onboarding (1 session included; further sessions billable).
  • Direct-to-consumer customer-facing features. We build operator / admin tools.
  • AI-generated decisions in production — by design. AI is in our build pipeline, not in your end product.

Effective May 2026 · v1.0

← Back to the studio