VoteAlly
VoteAlly platform background
Back to Home

Terms of Service

Legal terms governing use of the VoteAlly voting platform.

Effective date: February 16, 2026

These Terms of Service (“Terms”) govern access to and use of VoteAlly (the “Service”), operated by NekoTech Ventures Inc. doing business as VoteAlly (“VoteAlly,” “we,” “us,” “our”).

Business address:
7070E Farrell Rd SE, #811
Calgary, AB T2H 0T2
Canada

By creating an account, using the Service as an Organization Admin/Manager, or participating as a Voter, you agree to these Terms.

1. Definitions

  • “Organization”: The entity using the Service to run a voting session (election/meeting) for its constituency.
  • “Organization Admin/Manager”: A user authorized by an Organization to configure and operate voting sessions.
  • “Voter”: An end user invited or enabled by an Organization to cast a ballot. Voters are considered “Authorized Users” under the Organization's account.
  • “Session”: A voting event (election/meeting) configured by an Organization. Sessions may operate in MEETING mode (live, one question at a time) or ELECTION mode (multi-question, voter-paced).
  • “Customer Data”: Data submitted to the Service by or on behalf of an Organization, including voter lists, participation records, and session configuration.
  • “Ballot”: A Voter's vote/selection(s) as recorded by the Service.

2. Eligibility

The Service is intended for adults and organizational use. You may not use the Service if you are under 13. If you are an Organization Admin/Manager, you represent you have authority to bind your Organization.

3. Account Registration and Security

Organization Admins/Managers must provide accurate information and keep credentials secure. You are responsible for all activity under your account and for maintaining appropriate access controls within your Organization.

4. What the Service Does (and Does Not Do)

VoteAlly provides tools to configure Sessions, invite Voters, collect ballots, produce results and audit outputs, and export data (results, ballots, audit logs, participation records).

You are responsible for:

  • determining voter eligibility and maintaining accurate voter lists;
  • ensuring the Session setup, voting rules, notice requirements, quorums, and governance procedures comply with your bylaws and applicable law;
  • obtaining any required consents and authorizations to use voter contact information (including email and, if implemented, SMS); and
  • how you interpret and use results.

VoteAlly does not provide legal advice and does not guarantee that a Session complies with any specific governance framework. While we provide receipt codes for verification, VoteAlly does not guarantee that results will be legally binding without independent verification or that they satisfy all requirements of your governing documents.

5. Acceptable Use

You agree not to:

  • use the Service for unlawful, deceptive, or harmful activity;
  • upload or process Sensitive IDs such as SIN, SSN, passport numbers, driver's license numbers, or similar government-issued identifiers. Non-sensitive member IDs or internal organization identifiers (such as membership numbers) are permitted;
  • upload special-category/sensitive personal data unless strictly necessary and legally permitted (e.g., health data);
  • attempt to reverse engineer, bypass access controls, scrape, probe, or test the vulnerability of the Service;
  • interfere with Service operation, integrity, or security; or
  • use the Service in violation of applicable export controls, sanctions, or trade laws.

We may suspend or terminate access for suspected violations.

6. Prohibited Conduct (Anti-Abuse and Anti-Spam)

You will not, and will not attempt to:

  1. access, scrape, harvest, or extract data from the Service using automated means (including bots, spiders, scrapers, or bulk extraction outside intended features);
  2. probe, scan, or test the vulnerability of the Service, bypass access controls, rate limits, or anti-abuse systems (including CAPTCHA/Turnstile where used), or attempt to gain unauthorized access;
  3. reverse engineer, decompile, or attempt to discover source code, underlying ideas, or algorithms except to the extent permitted by law;
  4. frame, mirror, or otherwise display the Service within another website or interface in a way that could mislead users or compromise security;
  5. impersonate any person or entity, or use the Service to harass, abuse, threaten, defame, or violate the rights of others;
  6. use the Service to send, facilitate, or transmit unsolicited, deceptive, or unlawful communications (“spam”), including unsolicited email or SMS;
  7. use any information obtained from the Service (including voter lists or contact details) to advertise, market, or solicit products/services without the recipient's prior express consent and a lawful basis; or
  8. use the Service for purposes other than running legitimate voting sessions/meetings for an Organization with appropriate authority.

7. Voting Integrity, Confidentiality, and Privacy Controls

We design the Service to limit who can see what, including within an Organization.

7.1 Ballot Encryption (Confidentiality)

Ballots are never stored in plaintext. Ballot selections are stored as:

  • HMAC-SHA256 tally tokens derived from option/candidate IDs using a secret key held in the application environment (opaque strings used for fast counting), and
  • AES-256-GCM encrypted ballot content for audit recovery, decryptable only using the encryption key held securely in the application environment.

7.2 Receipt Codes (Ballot Verification)

Upon successful ballot submission, Voters receive a unique receipt code (HMAC-SHA256 hash) that can be used to verify their ballot was recorded, without revealing how they voted.

7.3 Anonymity (Timestamp Decoupling)

To reduce the ability to correlate “who voted” with “what they voted for” using timing, the recorded ballot timestamp is rounded down to the nearest hour.

7.4 Data Retention (PII Purge)

90 days (default) after a Session ends (based on actual end timestamp, not scheduled end time), an automated process permanently scrubs Voter personally identifying information (e.g., name, email, phone, member ID).

Organizations may also request early purge for ended Sessions via the Reports dashboard. Early purge is available only for Sessions in an ENDED state, is irreversible, and permanently removes Voter identifiers; it does not delete encrypted ballot records or aggregate participation counts.

We may redact identifying information from audit log records while retaining security-relevant metadata (such as action type, timestamp, and administrative actor information). Anonymous participation counts may remain for aggregate reporting and integrity checks, and ballots remain stored in encrypted/tally-token form.

Important: No online system can guarantee absolute anonymity against all attack scenarios (e.g., unlawful access to multiple systems). We use layered controls intended to materially reduce linkability and exposure.

8. Voter Terms and Responsibilities

Voters are “Authorized Users” under the Organization's account. Voters must:

  • not abuse the platform or attempt unauthorized access;
  • comply with these Terms and the Organization's instructions; and
  • understand that the Organization is responsible for voter eligibility, notices, and compliance with governing documents.

VoteAlly is not responsible for disputes between an Organization and its Voters regarding election eligibility, governance compliance, or result interpretation. Such disputes should be resolved according to the Organization's bylaws and applicable law.

9. Voter Access and Authentication

Voters may access the Service using access codes or magic links sent by email. Magic links expire after a period of time or when a new link is issued. Expired links redirect to a self-service resend page where Voters can request fresh access links.

10. Fees, Plans, and Payments

We offer free and paid plans, subscriptions, and one-time Session upgrades (“Boosts”). Pricing and plan details are shown in the Service or checkout flow.

Payments are processed via Stripe. By providing payment information, you also agree to Stripe's Terms of Service at stripe.com/legal. You authorize VoteAlly (and Stripe) to charge the payment method you provide for applicable fees, taxes, and renewals.

11. Refunds and Disputes

Unless required by law or explicitly stated in writing at the time of purchase, fees are non-refundable. Chargebacks or disputes may result in suspension while investigated.

12. Customer Data; Your Responsibilities

You retain rights to Customer Data. You grant VoteAlly a limited license to host, process, transmit, and display Customer Data solely to provide, secure, and improve the Service.

You represent and warrant that:

  • you have the right to provide Customer Data to VoteAlly;
  • you have provided required notices and obtained required consents for voter communications (including email and, if applicable, SMS). If sending emails to Canadian recipients, you represent that you have obtained express or implied consent as required by Canada's Anti-Spam Legislation (CASL).
  • you distinguish between transactional election notices (voting links, receipts) and marketing communications, and provide appropriate opt-out mechanisms for marketing; and
  • your use complies with applicable law (including privacy, anti-spam, export control, and sanctions laws).

13. Privacy and Data Processing

Our Privacy Policy explains how we process personal information. For Customer Data where you are the controller and we act as processor, our Data Processing Addendum (DPA) applies.

14. Subprocessors and Service Providers

We use third-party vendors (subprocessors) to operate the Service (e.g., hosting, email delivery, payments). We may update subprocessors over time and maintain a subprocessor list.

We will post updates to our subprocessor list and, for material changes (new subprocessors processing personal data), provide notice through the Service or by email. Continued use after the effective date of the update constitutes acceptance.

15. Platform Administrator Access

VoteAlly platform administrators (Super Admins) may access Customer Data only as reasonably necessary for support, security, and service integrity purposes, subject to confidentiality obligations.

16. Intellectual Property

VoteAlly and its software, designs, and trademarks are owned by VoteAlly or its licensors. You receive a limited, non-exclusive, non-transferable right to use the Service during the term, subject to these Terms.

If you provide feedback, you grant VoteAlly a perpetual right to use it without restriction or compensation.

17. Suspension and Termination

You may stop using the Service at any time. We may suspend or terminate access if we reasonably believe you violated these Terms or if required to protect the Service, users, or third parties.

Upon termination, we may delete or anonymize Customer Data consistent with the Privacy Policy and contractual obligations. Admin account data may be retained for a reasonable period after account closure for billing, tax, and legal purposes.

18. Disclaimers

THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE MAXIMUM EXTENT PERMITTED BY LAW, VOTEALLY DISCLAIMS ALL WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT UNINTERRUPTED OR ERROR-FREE OPERATION OR THAT RESULTS WILL MEET YOUR REQUIREMENTS.

19. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

  • VOTEALLY WILL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR LOST PROFITS/REVENUE, LOSS OF DATA, OR BUSINESS INTERRUPTION.
  • VOTEALLY'S TOTAL LIABILITY ARISING OUT OF OR RELATING TO THE SERVICE WILL NOT EXCEED THE FEES PAID BY YOU TO VOTEALLY FOR THE SERVICE IN THE 12 MONTHS BEFORE THE EVENT GIVING RISE TO THE CLAIM (OR CAD $100 IF YOU PAID NO FEES).

Some jurisdictions do not allow certain limitations; in that case, limitations apply to the maximum extent permitted.

20. Indemnity

Organization Admins/Managers agree to indemnify and hold harmless VoteAlly from claims arising out of Customer Data, the Organization's Session setup and governance compliance, or misuse of the Service, except to the extent caused by VoteAlly's willful misconduct.

21. Governing Law; Exclusive Jurisdiction

These Terms are governed by the laws of the Province of Alberta and the federal laws of Canada applicable therein, without regard to conflict of laws rules.

You agree that any dispute arising from these Terms or the Service will be brought exclusively in the courts located in Calgary, Alberta (including the Court of King's Bench of Alberta), and you submit to their jurisdiction.

22. Service Evolution

The Service may evolve over time; features may be added, removed, or changed. Material changes that affect core functionality or your rights will be communicated as described in Section 23 (Changes to Terms).

23. Changes to Terms

We may update these Terms from time to time. If changes are material, we will provide notice (e.g., in-product or by email). Continued use after the effective date means you accept the updated Terms.

24. Assignment

You may not assign or transfer these Terms without our prior written consent. We may assign these Terms in connection with a merger, acquisition, or sale of all or substantially all of our assets, or to any affiliate or subsidiary.

25. Severability

If any provision of these Terms is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that these Terms will otherwise remain in full force and effect.

26. Entire Agreement

These Terms, together with the Privacy Policy and any referenced policies (such as the DPA), constitute the entire agreement between you and VoteAlly regarding the Service and supersede all prior agreements, representations, and understandings.

27. No Waiver

Our failure to enforce any right or provision of these Terms will not be deemed a waiver of such right or provision. Any waiver must be in writing and signed by an authorized representative of VoteAlly.

28. Contact

Legal and support: [email protected]
Privacy requests: [email protected]

29. Third-Party Services

The Service uses the Google Maps Platform (including the Places API and Address Validation API) to facilitate address entry for Organization profiles. By using the Service, you agree to be bound by the Google Terms of Service.

Legal Documents

Privacy Questions?

Contact our privacy team for any inquiries about our policies.

[email protected]