Tulip

Tulip Terms and Conditions

Last updated: March 2026

Please read these Terms and Conditions ("Terms") carefully before using the Tulip platform. By provisioning an agent or using any part of the Tulip service, you agree to be bound by these Terms. If you do not agree, do not proceed.

For questions, contact us at support@tulip.md.

1. Service Description

Tulip is an agent control plane that provisions isolated AI agent runtime instances on third-party cloud infrastructure. Tulip provides tooling to deploy, connect, and manage AI agents; it does not guarantee the behaviour, output, or safety of any AI model or agent running within the platform.

2. No Liability for Security Issues

Tulip provides no warranty of security, and accepts no liability for security incidents, breaches, unauthorised access, data exfiltration, or any other security-related event affecting your runtime or the data contained within it.

Your runtime instance is deployed on shared cloud infrastructure (DigitalOcean, Hetzner Cloud, or other providers). While Tulip takes reasonable steps to isolate instances using Cloudflare Tunnels and access tokens, you acknowledge that:

  • No cloud-based system is immune to security vulnerabilities.
  • Tulip cannot guarantee that third-party infrastructure providers are free from flaws or breaches.
  • You are solely responsible for hardening your runtime environment, restricting access, and monitoring for suspicious activity.
  • Tulip shall not be held liable for any loss, damage, or liability arising from security incidents, whether caused by platform vulnerabilities, third-party infrastructure failures, or any other means.

    • 3. No Backups or Data Recovery

    Tulip does not back up your data. No data recovery service is available.

    When a runtime is deprovisioned — whether by you, automatically, or due to non-payment or breach of these Terms — the associated server, its disk contents, and all data stored on it are permanently and irrecoverably deleted. This includes agent configurations, conversation history, files, and any other data stored on the instance.

    You are solely responsible for:

  • Exporting or backing up any data you wish to retain before deprovisioning.
  • Maintaining copies of any configuration or content generated by your agents.
  • Ensuring business continuity in the event of runtime deletion.

    • Tulip shall have no obligation to recover lost data under any circumstances.

    4. Customer Responsibility for Private Keys and Secrets

    You are solely responsible for the management, rotation, and security of all private keys, API tokens, credentials, and secrets used within your runtime environment.

    This includes but is not limited to:

  • Slack bot tokens and OAuth credentials.
  • API keys for inference providers (e.g., OpenAI, Anthropic, or others).
  • Cloud provider credentials or service account keys.
  • Encryption keys, signing keys, and authentication tokens.
  • Any other secrets injected into or generated by your agent runtime.

    • Tulip encrypts tokens at rest using AES-256-GCM where technically feasible, but cannot guarantee the security of secrets that are passed to, stored within, or processed by your agent runtime. You must treat all secrets as sensitive, apply the principle of least privilege, and rotate credentials regularly. If you suspect a secret has been compromised, you must revoke and replace it immediately.

    Tulip accepts no liability for losses arising from compromised or mishandled credentials.

    5. AI Agents Are Non-Deterministic — Use at Your Own Risk

    AI agents deployed on Tulip are inherently non-deterministic. Their outputs, actions, and behaviour cannot be guaranteed to be accurate, safe, consistent, or appropriate for any particular purpose.

    By using Tulip, you acknowledge and accept that:

  • Large language models (LLMs) and AI agents may produce incorrect, misleading, biased, harmful, or unexpected outputs.
  • Agents may take unintended actions when given tool access or integrations (e.g., Slack, APIs, file systems).
  • Outputs should not be relied upon as professional advice (legal, financial, medical, or otherwise) without independent verification.
  • Model behaviour may change over time due to updates from model providers.
  • You are fully responsible for reviewing, testing, and validating agent behaviour before deploying it in any production or customer-facing context.
    • You use AI agents on Tulip entirely at your own risk. Tulip is not responsible for any harm, loss, or liability arising from agent outputs or actions.

    6. Data Responsibility, Legal Compliance, and Prohibited Use

    You are solely responsible for all data held, processed, or generated within your agent runtime. You must ensure that your use of Tulip complies with all applicable local, national, and international laws and regulations.

    This includes but is not limited to:

  • Data protection laws: You must comply with GDPR, CCPA, and any other data privacy regulations applicable to you or to the individuals whose data your agents process. You are the data controller; Tulip acts as a data processor only to the extent necessary to provide the service.
  • Content laws: You must not use Tulip to generate, store, or distribute content that is unlawful, harmful, abusive, defamatory, obscene, or otherwise prohibited by law.
  • Export controls: You must comply with all applicable export control and sanctions laws.
  • Sector-specific regulations: If you operate in regulated sectors (healthcare, finance, legal, etc.), you are responsible for ensuring your use of AI agents meets applicable regulatory standards.

    • 7. Prohibited Activities and Enforcement

    The following activities are strictly prohibited on the Tulip platform:
  • Using agents to conduct or facilitate illegal activities of any kind.
  • Generating or distributing harmful, abusive, harassing, threatening, or illegal content.
  • Attempting to exploit, attack, or compromise Tulip's infrastructure or that of third-party providers.
  • Using agents to scrape, spam, or engage in large-scale automated abuse.
  • Violating the intellectual property rights of any third party.
  • Processing personal data of third parties without appropriate legal basis or consent.
  • Using the platform to circumvent security controls, access unauthorised systems, or engage in any form of hacking or intrusion.
    • Consequences of misconduct: Any breach of these Terms, or any detected or reported misconduct, will result in:
  • Immediate suspension or permanent termination of your account and all associated runtimes without notice or refund.
  • Reporting of the misconduct to relevant law enforcement authorities, regulatory bodies, and affected parties as required by law or deemed appropriate by Tulip.
  • Civil or criminal legal action where warranted.

    • Tulip reserves the right to monitor platform activity to the extent permitted by law for the purposes of detecting abuse, ensuring compliance with these Terms, and protecting the safety of users and third parties.

    8. Billing and Credits

    Credits are non-refundable except where required by law. Tulip reserves the right to adjust pricing at any time with reasonable notice. Unpaid balances may result in runtime suspension or deletion.

    9. Changes to These Terms

    Tulip may update these Terms at any time. Continued use of the platform after changes are posted constitutes acceptance of the revised Terms. Material changes will be communicated by email where possible.

    10. Contact

    For questions, concerns, or to report abuse, please contact:

    Email: support@tulip.md Website: tulip.md

    Questions? support@tulip.md