ACCEPTABLE USE POLICY

TABLE OF CONTENTS

1. Scope and Applicability
2. Account Security
3. Prohibited Content
4. Prohibited Conduct
5. Security and Technical Restrictions
6. AI-Specific Restrictions
7. High-Risk Activities
8. Export, Sanctions, and Legal Compliance
9. Reporting Violations
10. Enforcement and Suspension
11. Appeal and Review
12. Changes to this AUP
13. Contact

1. SCOPE AND APPLICABILITY

• Applies to all users of the Services, including Customer’s employees, contractors, and end users under Customer’s control.
• Customer is responsible for user compliance.
• Not intended for users under [18] (or [16] where GDPR sets the digital consent age) without verifiable parental consent where legally required.

2. ACCOUNT SECURITY

• Keep credentials confidential; no credential sharing beyond licensed use; implement MFA where available; notify Provider of suspected compromise.

3. PROHIBITED CONTENT

• Unlawful content; IP-infringing content; malware; hate, harassment, or threats of violence; CSAM or exploitation; doxxing; spam/phishing payloads; false emergency reports; content violating privacy or publicity rights.
• Examples: distributing ransomware, sharing stolen credentials, publishing private home addresses without consent.

4. PROHIBITED CONDUCT

• Unauthorized access, scanning, or probing; denial-of-service attacks; interfering with security measures; reselling or providing the Service to third parties without authorization; misrepresenting identity or affiliation; using the Service to send spam or unsolicited bulk messages; scraping or data mining outside documented APIs and rate limits; bypassing usage limits or fees.
• No benchmarking publication without Provider’s prior written consent; no use to develop or improve competing products or models.
• No cryptomining, bandwidth abuse, or excessive consumption designed to impair or evade metering.

5. SECURITY AND TECHNICAL RESTRICTIONS

• No reverse engineering except to the extent permitted by law; no introducing backdoors, exploits, or load designed to impair the Service; adhere to API rate limits and fair use guidelines.

6. AI-SPECIFIC RESTRICTIONS

• No use of Service outputs or derivatives to train, fine-tune, or improve machine learning models that compete with Provider’s offerings.
• No fully automated decisions with legal or similarly significant effects (e.g., credit, employment, housing, immigration, criminal justice) without appropriate human review and compliance with applicable law.
• No holding out outputs as licensed legal advice without appropriate disclaimers and supervision consistent with bar rules.
• Customer must independently verify AI-generated outputs before reliance.

7. HIGH-RISK ACTIVITIES

• No use for life-support, critical infrastructure, or other high-risk activities where failure could result in death, personal injury, or severe environmental/physical damage unless expressly agreed in writing.

8. EXPORT, SANCTIONS, AND LEGAL COMPLIANCE

• No access/use from embargoed or sanctioned jurisdictions; no provision to denied or restricted parties; no prohibited end uses (WMD, military where restricted); comply with applicable export/import laws.

9. REPORTING VIOLATIONS

• Report suspected violations to [security/contact email] with details and timestamps.

10. ENFORCEMENT AND SUSPENSION

• Provider may suspend or terminate access for AUP violations with or without notice in urgent cases; may remove or disable access to prohibited content; chronic or material violations may lead to termination under the SaaS Agreement.
• Customer remains responsible for fees during suspension caused by its violations.

11. APPEAL AND REVIEW

• Customer may request review of a suspension within [5] business days of notice; Provider will review in good faith and respond with findings or next steps.

12. CHANGES TO THIS AUP

• Provider may update with [30] days’ notice; material changes aligned with the SaaS Agreement notice provisions.

13. CONTACT

• Questions: [contact email].