Acceptable Use Policy
Last updated: 2026-06-30
Introduction
This Acceptable Use Policy (the "Policy") applies to use of Reinversed websites, platform, APIs, SDKs, documentation, AI-agent features, integrations and related services (the "Service"). It forms part of the Terms of Use.
Customer is responsible for its authorised users, end users, Agents, Customer Data, Connected Sources, Integration Credentials and use of the Service. Capitalised terms not defined in this Policy have the meaning given in the Terms of Use.
Lawful use
Customer must not use the Service in a way that is unlawful, deceptive, harmful, infringing, abusive or inconsistent with the Terms of Use. Customer must not use the Service to create, store, transmit, display, generate, retrieve, distribute or facilitate:
- illegal content, instructions or activity;
- exploitation, abuse, harassment, threats, hate, violence or self-harm encouragement;
- defamation, impersonation, fraud, phishing, scams or identity deception;
- intellectual-property infringement or misappropriation;
- privacy violations, doxxing, unlawful surveillance or unlawful tracking;
- non-consensual intimate, sexual, biometric or highly sensitive content;
- malware, credential theft, vulnerability exploitation or unauthorised access;
- spam, unsolicited bulk messages, deceptive marketing or unlawful profiling; or
- activity that violates export controls, sanctions or trade restrictions.
AI-specific restrictions
Customer must not use the Service, Agents, Agent Outputs or Agent Actions for any AI practice prohibited by applicable law, including prohibited practices under the EU Artificial Intelligence Act.
Customer must not use the Service for high-risk, regulated, safety-critical or legally significant AI use cases unless Customer has carried out appropriate risk, legal and conformity assessments and Reinversed has expressly agreed to the use in an Order Form or in writing. Examples include use cases affecting:
- employment, worker management, recruitment or termination;
- education access, assessment or certification;
- credit, lending, insurance, housing, public benefits or essential private services;
- health, medical, emergency, transport, critical infrastructure or physical safety;
- law enforcement, migration, asylum, border control, courts or democratic processes;
- biometric identification, biometric categorisation, emotion recognition or sensitive profiling; or
- legally binding decisions, eligibility decisions or decisions that materially affect individual rights.
Customer must not represent Agent Outputs as legal, medical, financial, tax, accounting, HR, security, compliance or other regulated professional advice unless the output is reviewed by a qualified professional before reliance or use.
Customer must not use Agents to make fully automated decisions that produce legal effects or similarly significant effects for individuals unless Customer has a valid legal basis, provides required notices and safeguards, and complies with all applicable laws.
Security and system integrity
Customer must not:
- attempt to access, probe, scan, overload, disrupt or compromise the Service or any third-party system without written authorisation;
- bypass authentication, access controls, rate limits, usage limits, monitoring, approval workflows or security controls;
- introduce malware, malicious prompts, prompt-injection payloads, credential-harvesting flows or other harmful code or content;
- use the Service to exfiltrate data from Connected Sources beyond Customer's authorised permissions;
- share, sell or publish Integration Credentials, access tokens or other secrets;
- interfere with other customers' use of the Service; or
- conduct penetration testing, load testing, scraping or automated vulnerability testing against the Service without Reinversed's prior written approval.
Data and content responsibilities
Customer must not submit Customer Data to the Service unless Customer has all rights, notices, consents and legal bases required for the processing. Customer must apply least-privilege permissions to Connected Sources and must not provide Agents with access to data, tools or credentials beyond what is necessary for the intended use case.
Customer must not use the Service to process special categories of personal data, criminal-offence data, payment-card data, government identifiers, health data, children's data or other highly sensitive data unless the use is lawful, appropriate safeguards are in place, and the relevant subscription or Order Form permits that use.
Customer is responsible for reviewing, testing and monitoring Agent Outputs and Agent Actions, especially where Agents can perform Write Actions, communicate externally, retrieve sensitive information or affect third-party rights.
Third-party services and public content
Customer must comply with the terms, policies and technical limits of Connected Sources and third-party services. Customer must not use the Service to scrape, copy, access, combine or redistribute third-party data or public website content in breach of law, contract, robots restrictions, access controls or intellectual-property rights.
Customer must not use model providers, API keys, integrations or external tools through the Service in a way that violates the relevant provider's terms or usage policies.
End-user deployments
If Customer embeds or exposes Agents to end users, Customer must provide appropriate notices, terms, privacy information, consent mechanisms, escalation routes and human-review processes for the deployment. Customer must not imply that Reinversed is responsible for Customer's end-user relationship or end-user-facing decisions unless Reinversed has expressly agreed otherwise in writing.
Enforcement
Reinversed may investigate suspected violations of this Policy and may suspend or restrict the Service, an account, workspace, Agent, embedded interface, Integration Credential, API key, Write Action or other feature where reasonably necessary to protect the Service, customers, end users, third parties or legal compliance.
Reinversed will use reasonable efforts to provide notice and an opportunity to cure where practicable, but may act immediately where the issue involves security risk, legal risk, harm, suspected credential compromise, personal data breach, prohibited AI practice, third-party provider requirement or urgent operational risk.
Repeated or serious violations may result in termination under the Terms of Use.
Reporting
To report suspected misuse of the Service, contact legal@reinversed.com.