Tiller
/
Inloggen Aan de slag

Privacybeleid

Effective from: 01-02-2026

1. Introduction

Tiller ("we", "us", or "Tiller") is operated by Ryde Ventures B.V., a company incorporated in the Netherlands.

This Privacy Policy explains how we collect, use, store, and protect personal data when you use Tiller.

By using Tiller, you agree to this Privacy Policy and our Terms and Conditions.

2. Data We Collect

We collect and process the following categories of data.

A. User-Provided Data

  • Account Information: Email address, username, and password (hashed).
  • Billing Information: Subscription status and payment metadata (processed by third-party payment providers).
  • Credentials & Configuration Data:
    • For Self-Managed deployments: provider credentials or API keys you choose to supply.
    • For Managed Hosting: configuration details necessary to operate the hosted environment.
  • Feedback & Support Requests: Information you submit when contacting us.

B. Automatically Collected Data

  • Usage Data: Login timestamps, feature usage, and session activity.
  • Technical Data: IP address, browser type, operating system, device information, and language preferences.
  • Security Logs: Authentication and system-level events required for abuse prevention and service stability.

3. How We Use Your Data

We use personal data for the following purposes:

  • Service Delivery: To create accounts, provide access, and operate Tiller.
  • Service Operation:
    • Installing and running OpenClaw-based environments,
    • Operating hosted environments under the Managed Hosting package.
  • Security & Abuse Prevention: Detecting fraud, misuse, or violations of our Terms.
  • Communication: Account notices, service updates, and support responses.
  • Legal Obligations: Compliance with applicable laws and regulatory requirements.

We do not use your data to train AI models.

4. Legal Basis for Processing (GDPR Article 6)

We process personal data under the following legal bases:

  • Contract Performance (Art. 6(1)(b))
    For account creation, service delivery, billing, and technical operation.
  • Legitimate Interests (Art. 6(1)(f))
    For security monitoring, fraud prevention, service reliability, and limited analytics. You have the right to object to this processing.
  • Consent (Art. 6(1)(a))
    For non-essential cookies and optional communications. Consent may be withdrawn at any time.

5. Data Sharing and Disclosure

We do not sell or rent your personal data.

A. Service Providers

We share data with trusted providers for:

  • hosting and infrastructure,
  • payment processing,
  • monitoring and security.

These providers process data only under our instructions and confidentiality obligations.

B. Open-Source & Third-Party Software

Tiller uses open-source components such as OpenClaw.

We do not share personal data with open-source projects.

C. Legal & Safety Requirements

We may disclose data if required by law or to protect the rights, safety, or integrity of Tiller and its users.

6. Data Retention

We retain personal data only as long as necessary:

  • Account Data: Up to 5 years after account closure (legal record-keeping).
  • Credentials & Configuration Data:
    • Self-Managed: retained only during active setup or troubleshooting.
    • Managed Hosting: retained for the duration of hosting.
  • Usage & Security Logs: Up to 90 days, unless required for investigations.
  • Backups: Automatically deleted within 30 days.

Inactive accounts may be deleted after a prolonged period of inactivity, typically after at least 12 months, and only after prior notice.

Data may be retained for a limited period after suspension or termination where necessary to comply with legal obligations or resolve billing or security issues.

7. Data Breaches

In the event of a personal data breach:

  • We will notify the relevant supervisory authority within 72 hours, where required by law.
  • Affected users will be informed without undue delay if there is a high risk to their rights and freedoms.
  • Notifications will describe the nature of the breach and mitigation steps.

8. Your Rights (GDPR & EEA Users)

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Verwijderen your data (subject to legal obligations)
  • Restrict processing
  • Data Portability
  • Object to processing based on legitimate interests
  • Withdraw Consent at any time (without affecting prior processing)

To exercise these rights, contact: privacy@tiller.sh

9. International Data Transfers

Your data may be processed within the EU or in other jurisdictions where our providers operate.

Where data is transferred outside the EEA, we apply safeguards such as EU Standard Contractual Clauses.

10. Cookies and Tracking Technologies

We use cookies for:

  • Essential Cookies: Authentication, security, and core functionality.
  • Preference Cookies: Interface and language settings.
  • Analytics Cookies (non-essential): To understand usage and improve the service.

You can manage cookie preferences via your browser or our cookie banner.

See our Cookie Policy.

11. Security Measures

We apply industry-standard security measures, including encryption, access controls, monitoring, and audits.

No system is completely secure, and we cannot guarantee absolute security.

12. Children's Privacy

Tiller is intended for adult users only.

We do not knowingly collect personal data from individuals under the age of 18.

13. Third-Party Links

Tiller may link to third-party websites.

We are not responsible for their privacy practices.

14. Changes to This Policy

We may update this Privacy Policy periodically.

Material changes will be posted with at least 30 days' notice where practicable.

Continued use of Tiller constitutes acceptance of the updated policy.

15. Contact

For privacy-related questions or requests: privacy@tiller.sh

Ryde Ventures B.V., The Netherlands

Last updated: 01-02-2026