Acceptable Use Policy

1. Scope & Application

This Acceptable Use Policy (“AUP”) applies to all software, artificial intelligence models, automation systems, APIs, websites, and other digital products or services (collectively, “Deliverables”) designed, developed, or deployed by Eveningside Labs(“Company,” “we,” “us”) on behalf of its clients (“Client,” “you,” “your”).

By accepting delivery of any Deliverables or by continuing to operate systems built by us, you agree to comply with this AUP. This AUP supplements, and is incorporated by reference into, the applicable Statement of Work (“SOW”) and our Terms of Service. In the event of a conflict, the SOW shall prevail with respect to the specific engagement, but this AUP shall apply to all matters it covers that are not expressly addressed in the SOW.

2. General Obligations

You agree to use Deliverables only for lawful purposes and in accordance with all applicable local, national, and international laws, regulations, and industry standards. You are solely responsible for ensuring that your use of the Deliverables complies with the laws of every jurisdiction in which you operate or deploy them.

Where a Deliverable incorporates AI components, you acknowledge and agree that you bear ultimate responsibility for the outputs generated by such AI components, including decisions made or actions taken based on those outputs.

3. Prohibited Uses

You shall not use, or permit any third party to use, any Deliverable for the following purposes:

3.1 Illegal or Harmful Activities

• Any activity that violates applicable law, including fraud, money laundering, tax evasion, bribery, or corruption.
• Production, distribution, or facilitation of child sexual abuse material (CSAM) or any form of child exploitation.
• Promoting, inciting, or facilitating terrorism, violent extremism, or acts of physical violence against individuals or groups.
• Distributing malware, ransomware, spyware, or any software designed to damage, interfere with, or gain unauthorised access to computer systems.

3.2 Deceptive or Manipulative Practices

• Generating or distributing disinformation, deepfakes, or AI-generated content that is designed to deceive, defraud, or manipulate public opinion without clear disclosure of its synthetic origin.
• Impersonating individuals, organisations, or government entities without authorisation.
• Automated systems designed to circumvent authentication, access controls, rate limits, or terms of service of third-party platforms, unless you have express written authorisation from the platform operator.

3.3 Discriminatory or Rights-Violating Uses

• Using AI systems to make consequential decisions about individuals (e.g., employment, credit, housing, insurance, law enforcement) without appropriate human oversight, bias testing, and compliance with anti-discrimination laws.
• Real-time biometric identification in publicly accessible spaces in any jurisdiction where such use is prohibited or restricted.
• Social scoring systems that evaluate or rank individuals based on social behaviour or predicted personal characteristics.
• Mass surveillance, including bulk collection and processing of communications data, facial recognition, or location tracking without a lawful basis and proportionality assessment.

3.4 Unsolicited Communications & Spam

• Sending unsolicited commercial messages, spam, or bulk communications in violation of applicable anti-spam legislation (including CAN-SPAM, CASL, and the EU ePrivacy Directive).
• Harvesting email addresses or other personal data from websites or services without consent for the purpose of unsolicited outreach.

3.5 Intellectual Property Infringement

• Using Deliverables to infringe, misappropriate, or violate the intellectual property rights of any third party, including copyrights, trademarks, patents, and trade secrets.
• Scraping, crawling, or extracting data from third-party sources in violation of those sources’ terms of service or applicable law (including database rights under EU Directive 96/9/EC).

4. Security Obligations

You agree to implement and maintain reasonable technical and organisational security measures to protect the Deliverables from unauthorised access, modification, or destruction. This includes, but is not limited to:

• Keeping all credentials, API keys, and access tokens secure and not sharing them with unauthorised persons.
• Applying security patches and updates provided by us or recommended by third-party vendors in a timely manner.
• Promptly notifying us at security@eveningsidelabs.com of any suspected security breach or vulnerability affecting a Deliverable.

5. AI-Specific Requirements

Where Deliverables incorporate artificial intelligence or machine learning components, you additionally agree to:

• Disclose to end users when they are interacting with an AI system, as required by the EU AI Act and other applicable regulations.
• Maintain meaningful human oversight over AI-driven decisions, particularly in high-risk contexts.
• Monitor AI outputs for accuracy, bias, and drift, and implement corrective measures when issues are detected.
• Not attempt to reverse-engineer, extract, or replicate proprietary model weights, training data, or fine-tuning datasets provided as part of the Deliverables.

6. Consequences of Violation

If we reasonably determine that you have violated this AUP, we reserve the right, in our sole discretion, to take one or more of the following actions:

• Issue a written warning specifying the nature of the violation and requiring corrective action within a stated timeframe.
• Suspend access to or operation of the affected Deliverables until the violation is remedied.
• Terminate the applicable SOW and/or these Terms for cause, in accordance with the termination provisions of our Terms of Service.
• Report the violation to the appropriate law enforcement authorities, regulatory bodies, or affected third parties.

You shall be liable for all damages, losses, costs, and expenses (including reasonable legal fees) arising from your violation of this AUP, and you agree to indemnify and hold harmless Eveningside Labs from any third-party claims resulting from such violation.

7. Reporting Violations

If you become aware of any use of our Deliverables that violates this AUP, please report it to us immediately at abuse@eveningsidelabs.com. We take all reports seriously and will investigate promptly.