Disclaimer

Name: Arcan
Author: GetArcan

Last updated: April 2026

1. Software Provided As Is

Arcan is provided "as is" without warranty of any kind. While we strive for quality and security, no software is perfect. You use Arcan at your own risk.

2. Security Responsibility

GetArcan is not responsible for security breaches, data loss, or unauthorized access resulting from:

Misconfiguration of Arcan or its plugins
Running outdated or unpatched versions of the software
Improper use, such as exposing admin endpoints to the public internet
Failure to secure master keys, root tokens, or encryption keys
Insufficient infrastructure security (network, OS, storage)

3. Dynamic Credentials and Upstream Systems

Arcan generates dynamic credentials through its plugin engines (database credentials, cloud IAM tokens, SSH certificates, etc.). These credentials are issued by and subject to the security of the upstream system (your database, cloud provider, certificate authority, etc.). GetArcan is not liable for vulnerabilities, outages, or breaches in upstream systems.

4. Backup and Disaster Recovery

You are responsible for implementing your own backup, disaster recovery, and key management practices. This includes backing up your Arcan configuration, database, and encryption keys. GetArcan does not provide data recovery services.

5. Third-Party Plugins

Arcan supports a plugin SDK that allows the community to build extensions. Third-party plugins are not audited, reviewed, or endorsed by GetArcan. You should evaluate third-party plugins independently before deploying them in production environments.

6. Website Content and Comparisons

Information on getarcan.dev, including feature comparisons, benchmark data, and technical specifications, is provided in good faith but may become outdated as competing products evolve. You should verify any comparison data independently before making purchasing or architectural decisions.

7. Compliance

Arcan does not guarantee that the software meets specific compliance requirements such as SOC 2, HIPAA, PCI-DSS, FedRAMP, ISO 27001, or any other regulatory standard. While Arcan includes features that can support compliance efforts (audit logging, encryption, access controls), you are responsible for validating compliance within your own environment and regulatory context.

8. Contact

If you have questions about this disclaimer, contact us at [email protected].