Stubly is operated by Jeff Ritz pending formation of Stubly LLC (Delaware). These terms apply to the early access period and will be superseded by post-formation terms upon entity formation. Existing users will be notified at least 30 days before any material changes take effect.
Terms of Service
Last updated 2026-04-30
What Stubly does
Stubly turns x402 payment events into PDF receipts and a compliance-grade transaction record. Customers post signed payment events to a Stubly webhook URL; Stubly ingests, deduplicates, generates receipts, and surfaces them in a dashboard with export. We do not process payments ourselves — Stubly is downstream of the actual payment.
Acceptable use
By using Stubly, you agree not to:
- Attempt to compromise the security of the service or other users' data
- Use the service to record payments related to illegal activity under U.S. or applicable foreign law
- Send traffic that exceeds the published rate limits or that constitutes abuse, sustained or burst
- Reverse-engineer, decompile, or attempt to extract the source code of the service
- Impersonate another person or organization
- Use the service to harass, defame, or otherwise harm others
We may suspend or terminate accounts for material violations after reasonable notice, except where the violation is severe enough to warrant immediate action.
Account and access
You are responsible for keeping your account credentials secure. Each person or entity may maintain only one Stubly account during the early access period.
Account access may be revoked for material violations of these terms. We will provide reasonable notice and an opportunity to remedy when feasible. Severe violations — legal, security, or repeated abuse — may result in immediate suspension.
Webhook endpoints and signing secrets
When you create a webhook endpoint, Stubly generates a signing secret that authenticates payment events sent to that endpoint. You are responsible for keeping signing secrets confidential. Compromised secrets should be revoked from the dashboard immediately and replaced with a fresh endpoint.
Stubly stores signing secrets in plaintext to verify incoming HMAC signatures. Revoked secrets cannot be recovered. We do not store full transaction payloads beyond what is necessary to provide the service.
Service availability
The early access service is provided as-is, without uptime guarantees. We will provide reasonable notice of planned maintenance when feasible. We are not liable for service interruptions, data loss, or business losses arising from service unavailability during this period.
Intellectual property
Stubly retains all rights to the service, software, branding, and documentation. You retain all rights to the transaction data you send to Stubly and the receipts generated from that data.
Privacy
Our handling of your data is governed by our Privacy Policy.
Termination
Either party may terminate the relationship at any time. After termination, we will preserve your data for 30 days during which you may request an export. After the grace period, we will permanently delete your data, retaining only what is required for legal compliance or fraud prevention.
Modifications
We may modify these terms with at least 30 days notice for material changes. Notice will be sent to the email address on your account. Continued use of the service after the notice period constitutes acceptance of the modified terms.
Governing law
These terms are governed by the laws of the State of Delaware. Disputes arising from these terms will be resolved in the state or federal courts of Delaware.
Contact
Questions about these terms? Email jeff@getstubly.com.