Back to Dock AI

Terms of Service

Last updated: January 25, 2025

1. Acceptance of Terms

By accessing or using Dock AI ("the Service"), operated by Tadam SASU ("we", "us", or "the Company"), you agree to be bound by these Terms of Service. If you do not agree to these terms, please do not use the Service.

2. Description of Service

Dock AI is a Model Context Protocol (MCP) registry that enables businesses to expose their capabilities to AI agents. The Service includes:

  • Entity Registration: Businesses can register and claim their entity profiles
  • Capability Configuration: Define actions (book, send_message, search_catalog, etc.) that AI agents can execute
  • Webhook/API Integration: Connect your endpoints to receive action requests from AI agents
  • Discovery API: Allow AI agents to discover your business capabilities via domain resolution

3. User Responsibilities

3.1 Account Security

You are responsible for maintaining the confidentiality of your account credentials, API keys, and webhook secrets. You must notify us immediately of any unauthorized access to your account.

3.2 Webhook & API Security

When configuring webhooks or API endpoints, you are responsible for:

  • Request Validation: Validating the Authorization header you configured to ensure requests are authenticated
  • Secure Endpoints: Using HTTPS for all webhook URLs
  • Error Handling: Implementing proper error handling to prevent data leakage
  • Rate Limiting: Protecting your endpoints against abuse

3.3 Data Accuracy

You agree to provide accurate information about your business, including name, address, contact details, and capabilities. You must only claim entities that you are authorized to represent.

3.4 Prohibited Uses

You may not use the Service to:

  • Impersonate businesses or individuals you do not represent
  • Distribute malware, spam, or malicious content via webhooks
  • Violate any applicable laws or regulations
  • Interfere with the Service's operation or security
  • Collect or harvest user data without proper consent and legal basis

4. AI Agent Interactions

When your capabilities are set to "public", they become discoverable by AI agents where Dock AI is installed (currently Claude, ChatGPT, and Mistral). You acknowledge that:

  • AI agents may execute your configured actions with real user data
  • You are responsible for validating and sanitizing all input received via webhooks
  • Dock AI does not control the behavior of third-party AI agents
  • Actions marked as "public" can be executed without prior approval from you

5. Security Measures

Dock AI implements the following security measures:

  • Email Confirmation: Business owners can require users to confirm actions via email before execution. A 6-digit code is sent to the user's email and expires after 1 hour
  • Authorization Headers: Custom authentication headers are sent with each request to your endpoints
  • SSRF Protection: We block requests to private IPs and localhost
  • Phishing Detection: Input fields requesting sensitive data (passwords, credit cards) are blocked
  • Rate Limiting: Requests are rate-limited per capability and per IP
  • Prompt Injection Detection: Webhook responses are scanned for injection attempts

6. Limitation of Liability

To the maximum extent permitted by law:

  • The Service is provided "as is" without warranties of any kind
  • We are not liable for any damages resulting from the use or inability to use the Service
  • We are not responsible for actions taken by AI agents or the content they transmit
  • We are not liable for webhook delivery failures, delays, or security breaches at your endpoints
  • Our total liability shall not exceed the amount you paid for the Service in the past 12 months

7. Intellectual Property

You retain all rights to your business data and content. By using the Service, you grant Dock AI a license to store, process, and transmit your data as necessary to provide the Service. The Dock AI name, logo, and technology are our intellectual property.

8. Termination

We may suspend or terminate your account if you violate these Terms. You may delete your account at any time. Upon termination, your entity data and capabilities will be removed from the registry.

9. Changes to Terms

We may update these Terms from time to time. We will notify you of material changes via email or through the Service. Continued use of the Service after changes constitutes acceptance of the new Terms.

10. Governing Law

These Terms are governed by the laws of France. Any disputes shall be resolved in the courts of Paris, France.

11. Contact

For questions about these Terms, contact us at: legal@dockai.co