Duo grants you a limited right to use the service for your own internal business purposes only during the subscription period, and all ownership of the software and service remains with Duo.
This analysis describes what Duo Security's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The license is explicitly non-transferable and non-sublicensable, meaning customers cannot share access with third parties, resell the service, or transfer their subscription without Duo's authorization.
Your organization's right to use Duo is limited to internal business use during the subscription term, and you cannot transfer, sublicense, or allow third parties outside your organization to use the service under your account without potentially violating the agreement.
How other platforms handle this
As between the parties, Customer retains all right, title and interest in and to the Customer Data. Customer grants to HubSpot and its Affiliates a non-exclusive, worldwide, royalty-free right to collect, use, copy, store, transmit, modify and create derivative works of Customer Data, in each case t...
By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distri...
When you share, post, or upload content that is covered by intellectual property rights (like photos or videos) in or in connection with our products, you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to host, use, distribute, modify, run, copy, publicly per...
Monitoring
Duo Security has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Subject to the terms and conditions of this Agreement, Duo grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Services during the Subscription Term solely for Customer's internal business purposes. Duo and its licensors retain all right, title, and interest in and to the Services, including all related intellectual property rights. No rights are granted to Customer hereunder other than as expressly set forth herein.— Excerpt from Duo Security's Duo Terms of Service
(1) REGULATORY LANDSCAPE: Intellectual property licensing terms are governed by contract law and do not directly implicate specific consumer protection regulations, though unauthorized sublicensing could create third-party liability exposure. (2) GOVERNANCE EXPOSURE: Low. The license scope is standard for enterprise SaaS and the limitations on transfer and sublicensing are widely observed in the industry. The primary risk is inadvertent non-compliance by managed service providers or organizations that provide Duo-protected services to external clients. (3) JURISDICTION FLAGS: Organizations operating as managed service providers should assess whether providing Duo-protected services to their own clients constitutes sublicensing under this clause. Duo offers a separate MSP program that likely addresses this use case. (4) CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should confirm that the licensed use scope covers all intended deployment scenarios, including shared services environments, outsourced IT functions, and affiliate entities. (5) COMPLIANCE CONSIDERATIONS: Software asset management programs should track Duo license counts and deployment scope to ensure compliance with the internal business purposes restriction.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Buried in Robinhood's customer agreement is broad authority to close your positions, suspend your account, and force arbitration. Here is what it actually says.
Stripe's terms authorize fund reserves, payout withholding, and account termination. Here is what the agreement states and what business owners should review.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The license is explicitly non-transferable and non-sublicensable, meaning customers cannot share access with third parties, resell the service, or transfer their subscription without Duo's authorization.
Your organization's right to use Duo is limited to internal business use during the subscription term, and you cannot transfer, sublicense, or allow third parties outside your organization to use the service under your account without potentially violating the agreement.
ConductAtlas has identified this type of provision across 7 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Duo Security.