Terms of service
SirenDM
TERMS OF SERVICE
Last Updated: April 29, 2026 | Effective Date: April 29, 2026
| For: Business Clients (Agencies & Creators)
IMPORTANT — PLEASE READ CAREFULLY SirenDM provides pure infrastructure and CRM automation technology. SirenDM is not a party to any relationship between Clients and their End Users. All compliance obligations with End Users including data protection, AI transparency, age verification, and outreach consent rest exclusively with the Client as the Deployer and Data Controller. By activating your account you accept these Terms in full, including the Data Processing Agreement embedded in Section 7 and all Client compliance obligations in Section 4. |
1. Definitions
In these Terms the following definitions apply:
Term | Meaning |
"Platform" | The SirenDM software, APIs, automation engine, and associated services. |
"Client" / "Deployer" | Any agency, creator, or business entity that holds a SirenDM account and deploys Agents through the Platform. Clients are Deployers within the meaning of the EU AI Act. |
"End User" / "Fan" | Any person who communicates with a Client's Telegram account via the Platform. End Users are not customers of SirenDM. |
"Agent" | An AI-powered automated persona configured, named, and deployed exclusively by a Client through the Platform. |
"Content" | Any media, text, images, videos, and messaging materials uploaded and controlled solely by Clients. |
"Prompt Library" | Optional, non-binding template materials made available by SirenDM as reference only. Clients must actively select and apply templates; they are not auto-applied. |
"AI Disclosure Feature" | A configurable questionnaire sent to End Users confirming 18+ status and AI involvement. Enabled by default; Clients may disable with documented acknowledgment. |
"Age Gate Feature" | An optional confirmation prompt sent to End Users before media delivery, requesting 18+ confirmation. Fully optional for Clients. |
"DPA" | The Data Processing Agreement set out in Section 7 of these Terms. |
2. Nature of Service — Pure Infrastructure Provider
2.1 SirenDM provides automation infrastructure and CRM tooling exclusively to business Clients. SirenDM operates as a neutral technical intermediary in the delivery of Client communications to End Users via Telegram's official APIs.
2.2 SirenDM:
Does not create, author, or own any Agent personas, prompt configurations, or content
Does not determine the purposes or means of processing End User personal data
Does not independently verify the age of End Users
Does not bear responsibility for the content or legality of Client-authored communications
Does not act as a party to the commercial relationship between Clients and their End Users
Processes data only on documented Client instructions in accordance with the DPA in Section 7
2.3 The Prompt Library contains optional template materials. When Clients select, modify, or apply any template, the resulting Agent configuration is entirely the Client's own content and instruction. SirenDM's provision of reference materials does not make SirenDM the author of any Client Agent directive.
2.4 SirenDM's role is analogous to that of a messaging infrastructure provider (such as an API gateway or CRM platform). SirenDM is not responsible for how Clients use the infrastructure, provided such use complies with these Terms.
3. Account Registration and Eligibility
3.1 Clients must be a legal entity or individual of at least 18 years of age and must operate a lawful adult content business.
3.2 At account activation, Clients certify that:
All performers whose content they upload are 18 or older with documentation on file
They have assessed and will comply with all applicable laws in their operating jurisdiction
They have the authority to bind their organisation to these Terms
They understand and accept the compliance obligations set out in Section 4
3.3 SirenDM reserves the right to terminate accounts that violate these Terms or applicable law.
4. Client Obligations — Full Compliance Responsibility
4.1 Data Protection (GDPR)
Clients are the Data Controller (GDPR Art. 4(7)) for all End User personal data processed through the Platform. Clients must:
Maintain a lawful basis under GDPR Art. 6 for all End User data processing
Provide any required privacy notices or disclosures to End Users in their own terms
Comply with all applicable data protection laws in their jurisdiction and the jurisdictions of their End Users
Respond to End User data subject rights requests relating to data the Client controls
Notify SirenDM within 24 hours of discovering any security incident involving End User data
Instruct SirenDM only to process data in a lawful manner
4.2 AI Transparency — EU AI Act Deployer Obligations
→ Clients are the Deployer of AI systems within the meaning of EU AI Act (Regulation (EU) 2024/1689). → SirenDM is the Provider of the underlying AI infrastructure. → All Deployer obligations under the EU AI Act, including Article 50 transparency requirements, rest exclusively with the Client. |
SirenDM provides the AI Disclosure Feature: a configurable questionnaire sent to End Users before engagement, which confirms the End User is 18+ and acknowledges that conversations may be AI-assisted. This feature is ENABLED BY DEFAULT.
Clients who choose to disable the AI Disclosure Feature must complete an in-platform acknowledgment confirming that:
They remain solely responsible for compliance with Art. 50 EU AI Act and all applicable AI transparency obligations
They have assessed their legal obligations and have an alternative compliant mechanism in place
They indemnify SirenDM from any liability arising from their decision to disable the feature
They understand that SirenDM bears no liability for any regulatory action arising from this choice
This acknowledgment is timestamped, logged, and associated permanently with the Client account as a compliance record.
4.3 Age Verification
Clients bear sole and exclusive responsibility for age verification compliance. SirenDM does not verify the age of End Users. Clients must:
Verify that all performers whose content is distributed via the Platform are 18+ with government-issued ID documentation
Maintain age verification records per applicable law, including 18 U.S.C. § 2257 for US-facing content
Not knowingly use the Platform to engage with End Users who are minors
Provide age verification documentation to SirenDM within 48 hours of any request
Certify compliance at account activation and on each content upload batch
SirenDM provides the Age Gate Feature: an optional prompt sent to End Users before media delivery requesting 18+ confirmation. This feature is entirely optional. Its availability does not transfer any age verification obligation from Client to SirenDM. Whether Clients enable this feature is their own compliance decision.
4.4 Outreach and Cold Messaging
Clients who use the Platform's outreach or cold DM functionality must certify on a per-campaign basis, via the in-platform campaign activation flow, that:
They have a lawful basis under the ePrivacy Directive (2002/58/EC) and applicable national law to contact each recipient
Recipient data was obtained lawfully
They accept full and exclusive legal responsibility for the lawfulness of each outreach campaign
They will not use the feature to contact individuals in jurisdictions where such outreach is prohibited
SirenDM logs each campaign certification with timestamp, client ID, campaign parameters, and the client's explicit acceptance. This log constitutes SirenDM's record that the legal responsibility was accepted by the Client prior to message delivery.
4.5 Content Compliance and CSAM
All Client content must:
Comply with applicable law in Client's jurisdiction and End Users' jurisdictions
Be submitted through SirenDM's content review process (human review + CSAM screening) before any distribution
Not contain CSAM or any illegal content
SirenDM reserves the right and obligation to report any CSAM identified on the Platform to NCMEC and relevant law enforcement authorities immediately, and to permanently terminate the associated account.
5. Platform Compliance Features
The following features are provided to assist Clients in meeting their compliance obligations. Their use, configuration, or disabling is the exclusive decision and responsibility of the Client as Deployer.
Feature | Default | Client's Compliance Responsibility |
AI Disclosure Questionnaire | ON (enabled) | If disabled, Client accepts sole liability for EU AI Act Art. 50 compliance. Acknowledgment logged. |
Age Gate before media (18+ button) | Optional (OFF) | Client chooses whether to enable. Does not transfer age verification obligation to SirenDM. |
Prompt Library | Optional (select) | All selected and applied configurations become Client's own content. Selection timestamp logged. |
Outreach Campaign Certification | Required per campaign | Client certifies lawful basis before each campaign launches. Cannot be skipped. Logged permanently. |
6. SirenDM Obligations
SirenDM will:
Provide the Platform with reasonable uptime and availability
Process End User data only on documented Client instructions per the DPA
Maintain appropriate technical and organisational security measures (AES-256 at rest, TLS 1.3 in transit)
Perform CSAM screening on all media submitted for distribution
Notify Clients within 72 hours of any confirmed data breach affecting their data
Maintain sub-processor agreements with all third parties handling Client data
Respond to Client data portability and deletion requests within 30 days
7. Data Processing Agreement (GDPR Art. 28)
This Section 7 constitutes the mandatory Data Processing Agreement between SirenDM (Processor) and each Client (Controller) as required by GDPR Article 28. Acceptance of these Terms constitutes execution of this DPA. |
7.1 Subject Matter and Duration
Processing of End User personal data to provide the Platform's automation, CRM, and AI messaging services for the duration of the Client's active account.
7.2 Nature and Purpose of Processing
Technical message processing, AI response generation, session management, behavioral analytics, sentiment classification, media delivery, and payment processing via Telegram Stars.
7.3 Types of Personal Data Processed
Telegram identifiers (numeric ID, username, first name)
Inferred location data (country, city, timezone derived from conversation)
Conversation history (full message text, timestamps)
Behavioral metadata (message counts, sentiment, fan classification, spend history)
Payment data (Telegram Stars transaction references)
7.4 Categories of Data Subjects
End Users (Fans) who communicate with Client Telegram accounts via the Platform.
7.5 Processor Obligations
SirenDM as Processor shall:
Process personal data only on documented Client instructions, unless required by EU or Member State law
Ensure that persons authorised to process data are under appropriate confidentiality obligations
Implement appropriate technical and organisational security measures per GDPR Art. 32
Not engage sub-processors without the Client's general authorisation (granted by acceptance of these Terms for the sub-processors listed in the Privacy Policy), and impose equivalent data protection obligations on all sub-processors
Assist the Client in responding to data subject rights requests under GDPR Arts. 15-22 relating to End User data processed by SirenDM
Assist the Client in meeting GDPR Art. 32-36 obligations regarding security, breach notification, and impact assessments
At Client's choice, delete or return all personal data on termination of services
Make available all information necessary to demonstrate compliance with Art. 28, and allow for and contribute to audits by the Client or mandated auditor
Notify the Client promptly if any instruction infringes GDPR or other applicable data protection law
7.6 Authorised Sub-processors
Clients authorise SirenDM to engage the sub-processors listed in the Privacy Policy. SirenDM will notify Clients of any intended changes and allow 14 days to object.
7.7 International Transfers
Transfers of personal data outside the EEA are made using Standard Contractual Clauses approved by the European Commission, or on the basis of EU-US Data Privacy Framework certification where applicable.
8. Indemnification
8.1 Clients shall indemnify, defend, and hold harmless SirenDM, its officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable legal fees) arising out of or related to:
Client's breach of any provision of these Terms
Client's use of the Platform in violation of applicable law
Any claim by an End User, regulator, or third party relating to Client's AI deployment, age verification practices, outreach campaigns, or content
Client's failure to comply with AI transparency obligations after disabling the AI Disclosure Feature
Any regulatory investigation, fine, penalty, or enforcement action directed at Client's deployment of the Platform
Client's breach of the DPA in Section 7
8.2 SirenDM will notify Clients promptly of any claim for which indemnification is sought and will cooperate reasonably in the defence.
9. Limitation of Liability
9.1 TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SIRENDM'S TOTAL AGGREGATE LIABILITY TO ANY CLIENT FOR ANY CLAIM ARISING UNDER OR IN CONNECTION WITH THESE TERMS SHALL NOT EXCEED THE TOTAL FEES PAID BY THAT CLIENT IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.
9.2 IN NO EVENT SHALL SIRENDM BE LIABLE FOR: (a) INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES; (b) REGULATORY FINES, PENALTIES, OR ENFORCEMENT COSTS INCURRED BY CLIENTS; (c) LOSS OF PROFITS, REVENUE, DATA, OR BUSINESS OPPORTUNITY; (d) DAMAGES ARISING FROM CLIENT'S FAILURE TO COMPLY WITH AI TRANSPARENCY, AGE VERIFICATION, OR OUTREACH CONSENT OBLIGATIONS.
9.3 These limitations apply regardless of the form of action and regardless of whether SirenDM has been advised of the possibility of such damages.
10. Termination
10.1 Either party may terminate these Terms on 30 days' written notice.
10.2 SirenDM may immediately suspend or terminate any Client account that: (a) distributes CSAM; (b) uses the Platform for manifestly illegal purposes; (c) fails to provide age verification documentation within 48 hours of request; (d) repeatedly breaches these Terms.
10.3 On termination, SirenDM will delete or return all End User data as instructed by the Client, subject to data retention requirements in the Privacy Policy.
11. Governing Law and Dispute Resolution
11.1 These Terms are governed by and construed in accordance with the laws of the Czech Republic, without regard to conflict of law principles.
11.2 Any dispute arising out of or in connection with these Terms shall be subject to the exclusive jurisdiction of the courts of Prague, Czech Republic.
11.3 Nothing in this clause prevents either party from seeking urgent injunctive relief before any competent court.
12. General
12.1 Entire Agreement. These Terms, together with the Privacy Policy, constitute the entire agreement between the parties regarding the Platform and supersede all prior agreements.
12.2 Amendments. SirenDM may update these Terms by posting a revised version and notifying Clients by email 30 days in advance. Continued use after the effective date constitutes acceptance.
12.3 Severability. If any provision is found invalid or unenforceable, the remaining provisions continue in full force.
12.4 Waiver. Failure to enforce any provision does not constitute a waiver of future enforcement.
12.5 Assignment. Clients may not assign these Terms without SirenDM's written consent. SirenDM may assign freely in connection with a merger or acquisition.
Questions about these Terms: support@sirendm.app