Steep License
Copyright © 2026 Steep Ship LLC. All rights reserved.
"Licensor" means Steep Ship LLC, a United States limited liability company, operated by Shashank Thattai as managing member. References to "Steep" or "steep" elsewhere in this document refer to the consumer-facing brand name; the legal operating entity is Steep Ship LLC.
By purchasing, downloading, cloning, or otherwise accessing the steep source code (the "Software"), you ("the Licensee") agree to the terms below.
---
1. Grant of License
Subject to the restrictions in Section 2, the Licensee is granted a non-exclusive, non-transferable, non-sublicensable license to:
1. Use the Software to operate one (1) commercial digital-products store owned by the Licensee or the Licensee's company. 2. Modify the Software for the Licensee's own use. 3. Deploy the Software to as many environments (development, staging, production) as needed to support the licensed store. 4. Permit access to the Software by employees, contractors, and agents of the Licensee or the Licensee's company, where "your company" means any organization that controls, is controlled by, or is under common control with the Licensee, solely for the purpose of operating the one licensed store. Such individuals do not receive an independent license and may not retain the Software upon ceasing to act on the Licensee's behalf.
Each additional commercial store requires a separate license purchase.
---
2. Restrictions
The Licensee may NOT:
1. Resell, redistribute, sublicense, share, or open-source the Software, in whole or in part, modified or unmodified. 2. Use the Software, or any substantial portion thereof, to create, distribute, or make available any product that competes with the Software. A product competes with the Software if it is marketed as a substitute for the Software's functionality or value, regardless of how it is designed or deployed — including via different interfaces, platforms, or programming languages, and including products provided free of charge. 3. Republish modified versions of the Software as the Licensee's own product. 4. Remove or obscure the copyright notice in this file or in source code headers. 5. Use the Software to host content that violates applicable law (including but not limited to fraud, malware distribution, infringement of third-party IP, or content prohibited in the Licensee's jurisdiction). 6. Publish source code derived from the Software in any public repository, package registry, paste service, or similar platform, even with substantial modifications and even if no fee is charged. Substantial modification does not launder the redistribution.
If the Licensee shares the Software in violation of these terms, the license is automatically revoked and the Licensor reserves the right to seek damages.
2.1 Per-buyer traceability and DMCA enforcement
The Licensor maintains a record linking each purchase to the Licensee's GitHub username, payment email, and Stripe payment-intent ID. Public clones, paste-bins, or unauthorized redistributions of the Software can therefore be traced back to a specific buyer.
The Licensor's enforcement policy:
1. Public clones on GitHub, GitLab, or similar platforms will be removed via DMCA takedown notice. GitHub typically processes valid notices within 24–48 hours. 2. The originating Licensee's GitHub access to all repositories owned by the Licensor will be permanently revoked, terminating future updates and support entitlements without refund. 3. The Licensor reserves the right to publish the GitHub username of confirmed redistributors as part of an ongoing list of revoked licenses, at the Licensor's sole discretion. 4. Where damages exceed the threshold of civil action, the Licensor may pursue recovery and indemnification under Sections 9 and 11.
This clause exists as a deterrent. The Licensor's intent is to keep enforcement proportional: accidental sharing surfaces a request to remove; deliberate redistribution invokes the full process.
2.2 License ID watermark
Each Licensee receives a unique STEEP_LICENSE_ID (a UUID) at purchase, delivered via the order-confirmation email. The Licensee is required to set this ID as an environment variable on every deployment of the Software. The Software logs the truncated ID at boot for traceability and, where embedded, in build artifacts and source comments.
The Licensee may NOT:
1. Use a STEEP_LICENSE_ID that was not issued to them 2. Share their STEEP_LICENSE_ID with a third party 3. Remove the watermark loader at src/lib/_steep-license.ts or modify it to suppress the logged identifier 4. Operate the Software in production without a valid STEEP_LICENSE_ID set
If the Software is found running in commercial production without a valid STEEP_LICENSE_ID, the Licensor reserves the right to assume the deployment is unlicensed and pursue remedies under Sections 2.1, 9, and 10. If the Software is found with a STEEP_LICENSE_ID belonging to a different buyer, the Licensor reserves the right to revoke both the original buyer's license (for sharing) and the operator's license (for use of an unauthorized key).
---
3. Updates
The Software follows Semantic Versioning. Releases are tagged in git as vX.Y.Z in the Licensor's private GitHub repository to which the Licensee is added as a collaborator at the time of purchase.
3.1 Lifetime v1.x updates — included
All v1.x.y releases (bug fixes, security patches, and new minor features) are included for every Licensee at no additional cost, for the lifetime of the v1 line. This means:
- Critical and non-critical bug fixes
- Security patches
- New features that ship under a
v1.y.0minor tag - Patch releases under
v1.x.z
To receive these updates, the Licensee pulls from the Licensor's private GitHub repository using their own credentials. The Licensor commits to making good-faith releases on a rolling cadence; specific dates are not guaranteed.
3.2 Major version upgrades — paid
A major version bump (v2.x, v3.x, etc.) represents a fundamental architecture change — typically triggered by a Next.js major release that requires substantial refactoring, or by a rewrite of the storefront/admin foundation. Major versions are not included in the v1 entitlement.
- Upgrade price for existing v1 buyers: 50% off the then-current v2 retail price (a credit applied to your buyer email at checkout).
- Cap: the v1-to-v2 upgrade will not exceed $149 regardless of v2's retail price.
- Notice: the Licensor will announce v2 in the CHANGELOG and via the buyer-facing newsletter no fewer than 60 days before v2 supersedes v1 as the current product.
- v1.x continues to receive security-only patches for 12 months after v2 ships, so Licensees can upgrade on their own timeline.
3.3 Founding-cohort grandfather clause
The first 50 Licensees of the Software receive lifetime updates across all future major versions at no additional cost. Their entitlement includes v2, v3, and beyond. This is the Licensor's recognition that early support carried the project; it is not a benefit available after the 50th purchase.
3.4 Excluded from the update entitlement
Brand-new separately-named products (e.g. a hypothetical "steep Multi-Tenant" SaaS edition, or "steep Marketplace") are not updates — they are separate products and may be sold under separate license terms.
3.5 Distribution mechanism
Updates are delivered via GitHub collaborator access to the Licensor's private repository. The Licensee:
1. Receives a GitHub collaborator invite to the private steep repository within 24 hours of purchase 2. Clones the repository to their local machine 3. Pulls future releases by tag (git pull origin v1.2.0) or by branch (git pull origin main) as they choose 4. Loses GitHub access if the license is revoked under Section 2 (Restrictions)
The Licensee's own modifications live in their fork or local clone; merge conflicts during upgrades are the Licensee's responsibility, and the Licensor provides migration documentation for each minor and major release.
---
4. Refunds
Refunds: 14 days from purchase. No refund once you've downloaded a file or accepted a GitHub collaborator invite — both count as taking delivery.
Full refund available within 14 days of purchase, provided the order has not yet been "delivered."
"Delivered" means any of the following:
- The buyer viewed the order confirmation page (where deliverable links are shown)
- The buyer downloaded a file
- The buyer accepted a GitHub repository invite
- The buyer received a share link via email
Once the order is delivered, refunds are at the Licensor's discretion and typically only granted for legitimate defects (broken file, missing critical content, file does not match description) — not for "didn't end up using it."
Refund revokes the license; the Licensee must stop using the Software, remove all copies from their systems, and accept that any GitHub repository access will be revoked.
For physical products, the policy is separate: full refund before shipment; case-by-case after shipment, limited to damaged/wrong/lost items. Returns at buyer's expense in resaleable condition. Damaged-on-arrival claims within 7 days of delivery with photos.
---
5. Support
Best-effort email support at shipsteep@gmail.com. Typical response within 48 hours, no SLA guaranteed. Support covers:
- Setup questions for the documented stack (Next.js + Supabase + Stripe + Resend + Vercel)
- Bug reports against unmodified releases
- General questions about how the Software is intended to be used
Support does NOT cover:
- Custom feature development
- Migration to alternative integrations not covered in the documentation
- Code review of the Licensee's modifications
- Live debugging sessions
---
6. No Warranty
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT.
The Licensor makes no warranty that the Software will meet the Licensee's specific requirements, that operation will be uninterrupted or error-free, or that defects will be corrected.
---
7. Limitation of Liability
IN NO EVENT SHALL THE LICENSOR BE LIABLE FOR ANY DAMAGES (INCLUDING, WITHOUT LIMITATION, LOST PROFITS, LOST DATA, BUSINESS INTERRUPTION, OR PERSONAL INJURY) ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE, EVEN IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The Licensor's total liability under this license shall not exceed the amount the Licensee paid for the Software.
---
8. Third-Party Services and Data Controller Responsibility
The Software integrates with third-party services (Supabase, Stripe, Resend, GitHub, Vercel, Shippo, Cloudflare, and others). The Licensee is responsible for complying with the terms of service and privacy policies of those providers. The Licensor is not responsible for outages, billing, data losses, or policy changes by those providers.
The Licensee acknowledges that they are the data controller (under GDPR, CCPA, and equivalent data-protection laws) for any personal data processed by their deployment of the Software, including but not limited to their customers' email addresses, names, billing/shipping addresses, payment metadata, and order history. The Licensor does not access, process, or store any data submitted to the Licensee's deployment, and is therefore not a data processor or sub-processor under those laws. The Licensee is solely responsible for:
1. Posting and maintaining a privacy policy and terms of service on their deployment 2. Honoring data-subject rights (access, deletion, portability, etc.) requested by their customers 3. Configuring, securing, and monitoring their deployment, including environment variables, database backups, and access controls 4. Notifying affected parties and regulators in the event of a data breach in their deployment 5. Compliance with consumer-protection, sales-tax, and any other applicable laws in their jurisdiction
---
9. Indemnification
The Licensee agrees to defend, indemnify, and hold harmless the Licensor from and against any third-party claims, damages, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from or related to:
1. The Licensee's use, modification, deployment, or operation of the Software 2. Any data breach, security incident, or unauthorized access affecting the Licensee's deployment 3. The Licensee's violation of any law, regulation, or third-party right (including but not limited to data-protection, intellectual-property, consumer-protection, and tax law) 4. The content, products, or services the Licensee distributes through their deployment 5. Any breach by the Licensee of this License
---
10. Termination
This license terminates automatically if the Licensee breaches any term. Upon termination, the Licensee must cease all use of the Software and delete all copies.
---
11. Governing Law
This license is governed by the laws of the State of Delaware, United States, without regard to its conflict-of-laws provisions. Any disputes arising out of or relating to this license will be resolved exclusively in the state or federal courts located in Kent County, Delaware, and the Licensee consents to the personal jurisdiction of those courts.
Notices alleging infringement under 17 U.S.C. § 512(c) (DMCA) may be sent to the Licensor's contact address below.
---
For questions about licensing terms before purchase: shipsteep@gmail.com