Terms of Service

1. What these Terms cover

These Terms cover your use of the marketing website, waitlist, demos, and any pre-launch engagements.

Production use of the Nitaq Gateway and Connector under a paid or pilot programme is governed by a separate Customer Agreement (with a Data Processing Agreement and a Service Level Agreement where applicable). Where the Customer Agreement conflicts with these Terms, the Customer Agreement prevails for that relationship.

2. Eligibility

You must be at least 18 years old and have legal capacity to enter into a binding agreement in your jurisdiction. The Service is intended for institutional and enterprise users — financial institutions, government entities, healthcare enterprises, and similar organisations — and is not a consumer product.

If you use the Service on behalf of an organisation, you represent that you are authorised to bind that organisation to these Terms.

3. Pre-launch, waitlist, and pilots

The Service is currently offered on a pre-launch basis. Submitting your email to the waitlist, attending a demo, or receiving technical previews does not create an obligation on Nitaq to provide production access, and does not guarantee a specific launch date, feature set, pricing, or service levels.

We may invite selected waitlist members to pilot the Gateway and Connector. Pilots are subject to a separate pilot agreement that specifies scope, data handling, and support.

4. Architecture and responsibilities

The Nitaq Gateway is operated by Nitaq as a cloud control plane. The Connector is software that you deploy inside your own infrastructure. The Bridge is a local adapter for connecting MCP-capable AI clients. The Dashboard is a web administration interface. The CLI is a command-line tool for configuration.

Nitaq is responsible for operating the Gateway, maintaining secure communications with deployed Connectors, enforcing Gateway-side policies, writing audit logs, and keeping our own infrastructure and software up to date.

You are responsible for the Connector deployment inside your environment, including: choosing which MCP servers, skills, policies, alerts, and guards to expose; managing the credentials the Connector uses to reach your internal systems; patching and monitoring your Connector host; configuring OPA policies to reflect your regulatory obligations (for example, SAMA, NCA, PDPL, or sector-specific rules); and ensuring the lawful basis for any data your systems return to authorised AI agents.

5. Data Boundary

The Service is designed so that sensitive enterprise data stays inside your infrastructure. The Connector opens an outbound-only WebSocket tunnel to the Gateway, enforces policy at the edge, and holds your internal credentials locally. The Gateway receives operational metadata sufficient to route, authorise, and audit calls, but does not receive the raw content of MCP tool responses or the credentials you use to reach your systems. This boundary is defined in our Data Boundary Commitment and forms part of the intended design of the Service.

You acknowledge that the effectiveness of the Data Boundary depends on correct deployment and configuration by your organisation, including correct authoring of policies and guards and secure handling of API keys.

6. Acceptable use

You agree not to (a) use the Service in any way that violates Saudi or other applicable law, including export-control or sanctions regimes; (b) use the Service to process personal data unlawfully or to circumvent your obligations under the PDPL or sector regulations such as SAMA's cyber and data rules; (c) interfere with or disrupt the Service, the Gateway, the Connector tunnel, or any connected MCP servers; (d) probe, scan, or test the vulnerability of the Service without our prior written consent (except as part of an agreed bug-bounty or disclosure programme, if offered); (e) reverse engineer, decompile, or attempt to extract source code of proprietary components, except to the extent such activity cannot be prohibited by law; (f) use the Service to develop a product that substantially replicates the Gateway, Connector, or Bridge for commercial resale; (g) attempt to defeat, weaken, or falsify audit logs, policy decisions, or guard checks; or (h) upload or route content that is malicious, infringing, or otherwise unlawful.

7. AI provider credentials

The Agentic Gateway is built around a bring-your-own-key model for AI providers (such as Anthropic, OpenAI, or Google). You are responsible for establishing your own accounts with those providers, for compliance with their terms, and for the prompts and responses routed through AI agents that you authorise. Nitaq is not a reseller of AI inference and does not assume liability for AI provider behaviour.

8. Intellectual property

Nitaq-owned software — the Gateway, Connector, Bridge, Dashboard, CLI, Nitaq SDKs, documentation, logos, and brand elements — are owned by Nitaq or its licensors and protected by Saudi and international intellectual property laws. We grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service for its intended purpose during the term of your engagement.

Your content — the MCP servers you expose, the policies, skills, alerts, and guards you author, and the data your enterprise systems return in response to authorised calls, remain yours. You grant us only the limited rights needed to operate the Service (for example, to route an authorised MCP call, enforce policy, and write audit metadata).

Open-source components — some parts of the Service are available under open-source licences on our public repositories. Those components are licensed under their stated terms.

9. Feedback

Any feedback, suggestions, or ideas you share about the Service are non-confidential. You grant Nitaq a worldwide, royalty-free, perpetual licence to use such feedback for any lawful purpose, including improving the Service, without obligation to you.

10. Third-party services

The Service may integrate with or link to services operated by third parties — AI providers, identity providers, MCP servers you author or source externally, observability tools, and public documentation sites. Your use of those services is governed by their respective terms. Nitaq is not responsible for the availability, content, or practices of third-party services.

11. Disclaimers

The Service is provided on an "as is" and "as available" basis. To the maximum extent permitted by law, Nitaq disclaims all warranties, whether express or implied, including warranties of merchantability, fitness for a particular purpose, non-infringement, and any warranties arising from course of dealing or usage of trade.

Nitaq does not warrant that the Service will be uninterrupted, secure, or error-free, or that defects will be corrected. AI agents, MCP tool responses, and downstream enterprise outputs may contain errors; you are responsible for review and validation before acting on them in regulated contexts.

12. Limitation of liability

To the maximum extent permitted by law, in no event will Nitaq, its affiliates, officers, employees, or agents be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, revenue, data, goodwill, or regulatory fines, arising out of or in connection with the Service, even if advised of the possibility of such damages.

For pre-launch use of the Service covered by these Terms (as distinct from a signed Customer Agreement), our aggregate liability to you will not exceed one hundred Saudi Riyals (SAR 100). Liability caps for production use are set out in the applicable Customer Agreement.

13. Indemnification

You agree to indemnify, defend, and hold harmless Nitaq and its affiliates from any claims, damages, liabilities, and expenses (including reasonable attorneys' fees) arising from your use of the Service, your Connector deployment, the MCP servers and policies you choose to expose, your submissions, or your breach of these Terms.

14. Suspension and termination

We may suspend or terminate your access to the Service at any time, with or without cause or notice, particularly where continued access creates a security, legal, or regulatory risk. Sections of these Terms that by their nature should survive termination (intellectual property, disclaimers, limitation of liability, indemnification, governing law) will remain in effect.

15. Changes

We may modify the Service or these Terms at any time. Material changes will be announced on the website and, for customers, communicated through the Dashboard or direct notice. Your continued use of the Service after the effective date of the revised Terms constitutes acceptance.

16. Governing law and dispute resolution

These Terms are governed by the laws of the Kingdom of Saudi Arabia, without regard to conflict-of-laws rules. Any dispute arising out of or relating to these Terms or the Service will be subject to the exclusive jurisdiction of the competent courts in Riyadh, Kingdom of Saudi Arabia. The parties may agree in writing to arbitration under the rules of the Saudi Center for Commercial Arbitration (SCCA) with a seat in Riyadh.

17. Regulatory context

Nitaq provides infrastructure and tooling. We are not, by virtue of providing the Service, a bank, licensed financial institution, licensed healthcare provider, or a data controller for your enterprise systems. You remain responsible for your organisation's compliance with SAMA, NCA, PDPL, HIPAA (where applicable), and any other regulations that apply to your business. Nothing in these Terms constitutes legal, financial, or regulatory advice.

18. Miscellaneous

If any provision of these Terms is held to be unenforceable, the remaining provisions will remain in full force. Our failure to enforce any right or provision is not a waiver. You may not assign these Terms without our prior written consent; we may assign them to an affiliate or successor.

These Terms, together with the Privacy Policy and any signed Customer Agreement, constitute the entire agreement between you and Nitaq regarding the Service.

19. Contact

Legal enquiries: legal@nitaq.ai. General contact: hello@nitaq.ai.