← BACK TO HOME

Terms of Service

Last updated: 04 June 2026 · Version 2.0

These Terms of Service ("Terms") form a binding agreement between you ("you", "Customer") and Semurg AI ("Semurg", "we", "us"). By accessing or using the Semurg Platform you agree to be bound by these Terms. If you do not agree, do not use the Platform.

1. Definitions

  • Platform — the Semurg software, APIs, web interfaces, agents, and associated services.
  • Public Cloud Tier — usage of Semurg via semurg.io, billed at $10 per gigabyte of data movement.
  • Sovereign Bind Tier — one-time licensed deployment on Customer-controlled hardware, hardware-bound via TPM 2.0 attestation.
  • Customer Data — any data, content, files, prompts, or outputs that Customer ingests or generates on the Platform.
  • Output — any AI-generated response, document, image, audio, or video produced from Customer inputs.
  • Atoms — the internal accounting unit Semurg uses to meter compute, storage and movement (1 GB moved = 1,073,741,824 bytes = 1 unit at $10).

2. Acceptable Use

You agree to use the Platform lawfully, ethically, and in compliance with all applicable local, national, and international laws. You shall not:

  • Use the Platform to process, store, or transmit data you do not have lawful authority to handle.
  • Attempt to reverse-engineer, decompile, or extract source code or model weights from any non-open-source Semurg component.
  • Interfere with, disrupt, or place unreasonable load on the Platform, its APIs, its underlying networks, or other Customers' tenancies.
  • Use the Platform to generate content that is illegal, harmful, deceptive, defamatory, infringing, or that violates the rights of others.
  • Use the Platform to generate Child Sexual Abuse Material (CSAM); the Platform's CSAM filter is non-defeatable and any attempt to defeat it is itself a breach of these Terms.
  • Share access credentials, Access Keys, API keys, or session tokens with unauthorised third parties; Customer is responsible for all activity under its credentials.
  • Use the Platform to develop, train, or improve a product or service that competes with Semurg, where such use relies on benchmarking, scraping, or systematic capture of Platform Outputs.
  • Use the Platform in connection with weapons of mass destruction, critical-infrastructure attack, autonomous lethal targeting, or unlawful surveillance of natural persons.

3. Account, Access Keys, and Security

Semurg accounts are pseudonymous by default. Each account is provisioned with a single Access Key on creation. The Access Key is shown to Customer once and is not recoverable: if Customer loses the Access Key, the data secured by it is permanently inaccessible. Semurg does not retain Access Keys, has no master key, and cannot perform password resets in respect of the Access Key. Customer is solely responsible for safekeeping the Access Key.

4. Pricing and Atom Billing

  • Public Cloud Tier: US$10 per gigabyte (1,073,741,824 bytes) of Customer Data moved across the Platform's metering boundary. Storage is free; movement is metered.
  • Free Tier: Each unique device is granted a one-time, no-payment free allocation of 10 megabytes of data movement, gated by a hardware fingerprint (SHA-256 of IP + user agent + browser fingerprint) to deter abuse. After the free allocation is consumed, Customer must top up to continue using metered features. Free credits are non-transferable and may be revoked for abuse.
  • Top-up balances are non-refundable once consumed. Unused prepaid balances expire 12 months from purchase unless otherwise stated.
  • Sovereign Bind Tier: a one-time licence fee billed per node, hardware-bound via TPM 2.0 attestation. The Sovereign Bind Tier is exempt from movement metering.
  • Tax: all prices are exclusive of GST/VAT/sales tax which will be added where applicable.
  • Rate changes are communicated at least 30 days in advance and take effect from the next billing cycle.

5. Customer Data and Ownership

  • Customer retains all rights, title, and interest in Customer Data, including all Outputs.
  • Semurg does not claim ownership of Customer Data, does not train models on Customer Data, and does not surface Customer Data to other Customers.
  • Customer grants Semurg a limited, non-exclusive, royalty-free licence to host, process and transmit Customer Data solely to provide the Platform to Customer.
  • Model weights and provider APIs are licensed under their respective upstream terms (Apache 2.0, MIT, vendor terms). Customer is responsible for compliance with upstream licences when integrating its own models.

6. Data Residency and Sovereignty

Customer selects a Home Cloud and Region during onboarding. Customer Data is stored at rest only in the Home Region. Customer additionally selects (a) Allowed Processing Regions and (b) Denied Processing Regions; Semurg shall not move Customer Data into a Denied Region for any purpose. Migration between Home Regions is initiated by Customer via Settings → Data Residency and is logged immutably in the Customer's GraphVCS audit chain.

7. AI Outputs — No Warranty of Accuracy

AI Outputs are probabilistic and may be incorrect, biased, incomplete, or unsuitable for any particular purpose. Customer is solely responsible for review, validation, and use of Outputs. Outputs are not financial, medical, legal, or professional advice. Customer shall not deploy Outputs in safety-critical, life-critical, or autonomous-lethal contexts without independent qualified human review.

8. Service Levels and Availability

Semurg targets 99.5% monthly availability for the Public Cloud Tier and best-effort availability for the Sovereign Bind Tier (which runs on Customer hardware). Maintenance windows will be announced at least 24 hours in advance where practicable. Service credits, if any, are at Semurg's sole discretion and do not constitute a refund.

9. Suspension and Termination

  • Semurg may suspend or terminate Customer's access immediately on material breach of these Terms, including (i) violation of Acceptable Use, (ii) non-payment, (iii) suspected fraud, or (iv) lawful order.
  • Customer may terminate at any time by ceasing use; prepaid balances are non-refundable unless otherwise required by law.
  • On termination Customer has 30 days to export Customer Data via Settings → Export or GET /api/user/export. After 30 days the data is permanently, irrecoverably deleted, including from backups within the next backup-rotation cycle (≤ 90 days).

10. Indemnification

Customer shall indemnify and hold harmless Semurg, its officers, directors, employees and agents from any claim, loss, liability, damage or expense (including reasonable legal fees) arising from (a) Customer's use of the Platform, (b) Customer Data, (c) Customer's breach of these Terms, or (d) Customer's violation of any law or third-party right.

11. Limitation of Liability

  • To the maximum extent permitted by law, Semurg shall not be liable for any indirect, incidental, special, consequential, exemplary or punitive damages, including lost profits, lost revenue, lost data or business interruption.
  • Semurg's aggregate liability arising out of or relating to these Terms shall not exceed the greater of (i) US$100, or (ii) the amount paid by Customer to Semurg in the 12 months preceding the claim.
  • Semurg is not liable for the accuracy, completeness, suitability, or legality of any Output.
  • The Platform is provided on an "AS IS" and "AS AVAILABLE" basis. Semurg disclaims all warranties, express or implied, including merchantability, fitness for a particular purpose, and non-infringement, except where such disclaimer is prohibited by law.

12. Modifications

Semurg may modify these Terms at any time. Material changes will be communicated to Customer at least 30 days before effect via in-product notice or email to the contact on file. Continued use after the effective date constitutes acceptance.

13. Governing Law and Dispute Resolution

These Terms are governed by the laws of New South Wales, Australia, without regard to conflict-of-laws principles. The parties agree first to seek good-faith resolution by negotiation; failing that, disputes shall be finally resolved by binding arbitration seated in Sydney, Australia, under the rules of the Australian Centre for International Commercial Arbitration (ACICA), in English, by one arbitrator. Either party may seek interim or injunctive relief in any court of competent jurisdiction. The U.N. Convention on Contracts for the International Sale of Goods does not apply.

14. Export Controls and Sanctions

Customer represents that it is not located in, under the control of, or a national or resident of any country or person subject to comprehensive U.S., EU, UK or Australian sanctions, and is not on any prohibited or restricted party list. Customer shall not export, re-export, or transfer the Platform or any Output in violation of applicable export-control laws.

15. Force Majeure

Neither party shall be liable for failure or delay in performance caused by events outside its reasonable control, including acts of God, war, terrorism, civil unrest, government action, internet/telecommunications failures, pandemic, or labour disputes.

16. Assignment, Severability, Entire Agreement, Notices

  • Customer may not assign these Terms without Semurg's prior written consent. Semurg may assign on notice to Customer.
  • If any provision is held unenforceable the remainder shall remain in full force and effect.
  • These Terms, together with the Privacy Policy, the DPA and any signed Order Form, constitute the entire agreement and supersede all prior agreements on the subject matter.
  • Notices to Semurg shall be sent to [email protected]; security notices to [email protected].

17. Agents and Automated Actions

  • Agents act on Customer's behalf. When Customer creates, configures, or invokes a Semurg agent (Sales, Marketing, Partnerships, Support, Analytics, Cluster, Intelligence, or any user-defined agent), the agent's actions — including outbound emails, contact-form submissions, API calls, and Knowledge-Graph writes — are deemed authorised by Customer.
  • Manager-Agent + Approval-Gate. By default, outbound actions classified as fiat-transfer, contract-signature, KYC-decision, legal-signature, or public-landing change are HARD-BLOCKED and require Customer's explicit human approval via the Approval-Gate surface. Customer may NOT contractually expand this hard-blocked class without a signed Order Form referencing the new policy.
  • Outbound email PII handling. Agent outbound emails to external recipients have non-name personal data STRIPPED before send (names are kept in plaintext because the recipient already knows the parties). This differs from external-LLM tokenisation — see § 18.
  • Agent identity = Customer identity for liability. Customer is liable for the legal and reputational consequences of an agent acting under Customer's account, except where the action was caused by a documented Platform defect.
  • Approval logs are immutable. Every Approval-Gate decision is written to the GraphVCS audit chain; Customer cannot delete approval history (it is required for the audit invariant).

18. Customer-Provided External-Provider Keys (BYOK)

  • BYOK is mandatory for external LLM use in chat. Customer must bring their own Anthropic / OpenAI / OpenRouter / Google / xAI keys in Settings → API Keys. Semurg does not provide a shared inference budget against external providers for the chat path.
  • Semurg internal agents use cluster keys. Where Semurg agents (Helix, Security-Analyst, automated reviewers) need external inference, Semurg uses its own provisioned cluster keys — never Customer's BYOK.
  • Key handling. Customer-provided keys are stored AES-256-GCM encrypted in Customer's sovereign vault, derived from Customer's Access Key; never logged in plaintext; never shared between users, teams or orgs.
  • Upstream-provider terms apply. When Customer's prompts are routed to a third-party provider under Customer's key, that provider's terms also apply. The Shield pipeline tokenises PII at the perimeter before egress, so the upstream provider does not see raw PII.
  • Restoration on return. External-LLM responses arrive containing tokens; Semurg detokenises them inside the perimeter before they are presented to Customer or stored in conversation history.

19. Sharing Across Users, Teams and Organisations

  • Default-deny. No data is visible to anyone other than its owner unless the owner explicitly grants access via Settings → Sharing.
  • Opt-in, granular. Sharing is per-resource (a document, a knowledge-graph node, a session) and per-scope (a team, an org, or specific users). Customer controls whether sharing applies to Chat, Dashboards, Reports, or Graph-RAG context independently.
  • Org admins cannot bypass. Organisation admins manage billing and seat allocation only; they cannot read, export, search, or decrypt member content without that member's explicit share grant. This is a structural property of the Platform, not a policy promise — see § 20.
  • Revocation is immediate. Withdrawing a share removes access on the next request; cached views are invalidated on Customer's next session refresh.

20. Constitutional Invariants — No Admin Key Override

The following invariants are structural properties of the Platform's architecture. Semurg cannot waive them by policy, contract, or court order, because the underlying systems are constructed such that the data is unreadable without Customer-held keys:

  • Customer holds encryption keys. No Semurg employee, contractor, automated agent, or other Customer has, or can derive, the key that unlocks Customer's data.
  • No master key. There is no key-escrow, no break-glass admin override, and no recovery channel for a lost Access Key (see § 3).
  • No employer override of employee content. Where Customer is an organisation, the organisation's admins cannot decrypt an employee's individual content (their chats, their drafts, their private graph nodes). The "your boss can't read your mail" property is a feature, not a setting.
  • No model training on Customer Data. Customer inputs, outputs, knowledge-graph contents, and conversation history are NEVER used to train, fine-tune, RLHF, distil, or evaluate any model — internal or third-party.
  • Lawful disclosure. If Semurg receives a lawful order requiring disclosure of Customer Data, Semurg will (a) notify Customer where legally permitted, and (b) disclose only what is technically possible — which, for Customer-encrypted content, is typically only metadata Semurg holds in plaintext (billing, account creation, sub-processor logs). Semurg cannot disclose what Semurg cannot decrypt.

21. Sovereign Mail and Agent Communications

  • Inbound mail. Mail to @semurg.io arrives on Semurg's native :25 listener (with DKIM verification + anti-relay), is stored in the Admin-Inbox, and is routed to the addressed agent (cluster@, intelligence@, etc.) or to the user-owned inbox surface at /messages.
  • Outbound mail. Agent outbound is signed with Semurg's DKIM and sent direct via MX. No third-party relay service (Postmark, SendGrid, Mailgun) is in the hot path unless Customer explicitly configures one. Outbound is rate-limited and bounded by the Approval-Gate.
  • BYOD (Bring Your Own Domain). When implemented, Customer will be able to send and receive on Customer's own domain. Until then, all agent mail uses the @semurg.io domain.
  • Storage. Mail content is stored in the Knowledge Graph, PII-tokenised at ingest, owner-scoped, and subject to the same retention, residency, and erasure rules as other Customer Data.

22. Contact

Questions about these Terms: /contact or [email protected].

← Home Terms Privacy