Acceptable Use Policy (AUP)

Last Updated: October 21, 2025

This Acceptable Use Policy ("AUP") outlines the rules and guidelines for using applications and AI agents developed and deployed by OSEM Dynamics ("we," "us," or "our"). This policy applies to all applications displaying "Powered by OSEM Dynamics" branding and all end users of these applications.

1. Scope and Application

1.1 Who This Policy Applies To

This AUP applies to:

• All end users of applications powered by OSEM Dynamics
• Client organizations and their employees/contractors using our applications
• API users and developers integrating with OSEM Dynamics applications
• Any individual or entity accessing OSEM Dynamics services

1.2 What This Policy Covers

This AUP governs the use of:

• AI agents and chatbots developed by OSEM Dynamics
• Workflow automation applications
• Business process optimization tools
• APIs and integration services
• All features, functions, and data within these applications

1.3 Acknowledgment and Acceptance

By using any application powered by OSEM Dynamics, you acknowledge that you have read, understood, and agree to comply with this AUP. If you do not agree, you must immediately cease using the application.

2. Acceptable Uses

2.1 Permitted Activities

You may use OSEM Dynamics applications for:

• Legitimate business purposes as intended by the application's design
• Automating workflows and business processes
• Data analysis and reporting within authorized scope
• Integrating with other authorized systems and services
• Accessing and managing your own authorized data
• Collaborating with authorized team members
• Training and educational purposes (within licensed scope)

2.2 General Conduct Standards

When using our applications, you agree to:

• Use the application only for lawful purposes
• Respect intellectual property rights of OSEM Dynamics and third parties
• Maintain the confidentiality of login credentials
• Report security vulnerabilities responsibly
• Comply with all applicable laws and regulations
• Act in good faith and with integrity
• Follow any additional guidelines provided by your organization

3. Prohibited Uses

3.1 Illegal Activities

You may NOT use our applications to:

• Violate any local, state, national, or international law or regulation
• Infringe upon or misappropriate intellectual property rights
• Engage in fraud, money laundering, or financial crimes
• Facilitate illegal gambling or unlicensed securities trading
• Distribute illegal drugs, weapons, or controlled substances
• Engage in human trafficking or exploitation
• Facilitate or promote terrorism or violent extremism
• Engage in identity theft or impersonation

3.2 Harmful Content

You may NOT upload, transmit, or store content that:

• Contains malware, viruses, ransomware, or malicious code
• Is defamatory, libelous, or constitutes hate speech
• Promotes violence, self-harm, or illegal activities
• Contains child sexual abuse material (CSAM) or child exploitation content
• Harasses, threatens, or intimidates individuals or groups
• Contains non-consensual intimate images or revenge pornography
• Promotes discrimination based on race, religion, gender, sexual orientation, disability, or other protected characteristics
• Contains graphic violence or excessive gore without legitimate purpose
• Violates privacy rights or contains non-consensually shared personal information (doxxing)

3.3 Security Violations

You may NOT:

• Attempt to gain unauthorized access to any system, account, or data
• Circumvent or disable security features or access controls
• Conduct security testing or penetration testing without written authorization
• Probe, scan, or test vulnerabilities without permission
• Access data or systems you are not explicitly authorized to access
• Share account credentials or allow unauthorized account access
• Use stolen credentials or authentication tokens
• Attempt to decrypt encrypted data without authorization
• Deploy backdoors, rootkits, or persistent access mechanisms

3.4 System Abuse and Interference

You may NOT:

• Overload, flood, or denial-of-service attack our systems
• Interfere with other users' access or use of the application
• Attempt to reverse engineer, decompile, or disassemble the application
• Modify, adapt, or create derivative works without authorization
• Remove, alter, or obscure copyright notices or branding
• Use automated tools (bots, scrapers) without written permission
• Exceed rate limits or usage quotas through technical means
• Mine cryptocurrency using our infrastructure
• Run benchmark tests without prior approval

3.5 Data Misuse

You may NOT:

• Access, collect, or use data beyond your authorized scope
• Scrape, harvest, or extract data through unauthorized means
• Sell, rent, or license data obtained from the application
• Use data for unauthorized marketing or commercial purposes
• Combine data from multiple sources to re-identify anonymized individuals
• Share confidential or proprietary data with unauthorized parties
• Export or transfer data in violation of data protection laws (GDPR, CCPA, etc.)
• Use data to train competing AI models or services
• Store or process sensitive data (PII, PHI, financial data) outside approved systems

3.6 Spam and Abuse

You may NOT:

• Send unsolicited bulk messages (spam) through the application
• Engage in phishing or social engineering attacks
• Create fake accounts or impersonate others
• Manipulate or artificially inflate metrics, ratings, or engagement
• Engage in "astroturfing" or fake grassroots campaigns
• Abuse reporting, flagging, or complaint mechanisms
• Create multiple accounts to evade restrictions or bans

3.7 AI-Specific Prohibited Uses

For AI agents and chatbots, you may NOT:

• Attempt to manipulate or "jailbreak" AI behavior
• Use AI to generate harmful, illegal, or deceptive content
• Generate deepfakes or synthetic media intended to deceive
• Use AI for surveillance or mass monitoring without legal authority
• Create AI-generated content that violates copyright or trademark rights
• Use AI to make consequential decisions about individuals (employment, credit, medical) without human oversight
• Train or fine-tune AI models using our services without authorization
• Use AI to generate bulk content for SEO manipulation or spam
• Attempt to extract training data or model weights

3.8 Competitive or Unfair Use

You may NOT:

• Use our applications to build competing products or services
• Benchmark performance for competitive purposes without permission
• Copy features, functionality, or user experience designs
• Resell, sublicense, or redistribute access without authorization
• Use our services to provide bureau services or service bureau operations

4. Data Privacy and Protection

4.1 Personal Data Handling

When using our applications, you must:

• Comply with all applicable data protection laws (GDPR, CCPA, etc.)
• Obtain necessary consents for data collection and processing
• Only process personal data for legitimate, specified purposes
• Implement appropriate security measures for sensitive data
• Respect data subject rights (access, deletion, portability, etc.)
• Report data breaches promptly per legal requirements
• Maintain data processing agreements where required

4.2 Sensitive Data Restrictions

Special care must be taken with:

• PII (Personally Identifiable Information): Names, addresses, SSNs, etc.
• PHI (Protected Health Information): Medical records, health data (HIPAA compliance required)
• Financial Data: Credit card numbers, bank accounts (PCI DSS compliance required)
• Biometric Data: Fingerprints, facial recognition, voice prints
• Children's Data: Information about individuals under 16 (COPPA compliance required)
• Genetic Data: DNA, genetic testing results

4.3 Cross-Border Data Transfers

When transferring data internationally:

• Ensure compliance with data localization requirements
• Use appropriate transfer mechanisms (Standard Contractual Clauses, etc.)
• Obtain necessary authorizations for restricted countries
• Respect data sovereignty and residency requirements

5. Resource Usage and Quotas

5.1 Fair Use

You agree to:

• Use computational resources reasonably and efficiently
• Respect rate limits and usage quotas
• Avoid excessive or wasteful resource consumption
• Not monopolize shared resources to the detriment of other users

5.2 Usage Limits

Specific limits may apply to:

• API calls per minute/hour/day
• Data storage capacity
• Concurrent users or sessions
• File upload sizes and quantities
• Email sending volumes
• AI processing requests

Exceeding limits may result in throttling, temporary suspension, or additional charges per your service agreement.

6. Compliance Requirements

6.1 Legal and Regulatory Compliance

You must comply with:

• Data Protection: GDPR, CCPA, PIPEDA, and other privacy laws
• Industry Regulations: HIPAA (healthcare), PCI DSS (payments), SOX (finance), FERPA (education)
• Employment Laws: When using HR/recruiting applications
• Accessibility: ADA, WCAG standards where applicable
• Export Controls: ITAR, EAR regulations for controlled data/technology
• Sanctions: OFAC and other economic sanctions programs

6.2 Industry-Specific Requirements

Depending on your industry, additional requirements may apply:

• Healthcare: HIPAA compliance, patient consent, PHI safeguards
• Financial Services: Anti-money laundering (AML), Know Your Customer (KYC), fraud detection
• Education: FERPA, COPPA for student data
• Government: FedRAMP, FISMA, state-specific requirements

7. Monitoring and Enforcement

7.1 Our Rights to Monitor

OSEM Dynamics reserves the right to:

• Monitor usage for compliance with this AUP
• Investigate suspected violations
• Access and review content for legal or security purposes
• Use automated systems to detect abuse or violations
• Audit resource usage and system access

Note: We respect your privacy and will only access your data when necessary for security, legal compliance, or investigating violations.

7.2 Violation Consequences

Violations of this AUP may result in:

• Warning: First-time or minor violations
• Temporary Suspension: Repeated or moderate violations
• Permanent Termination: Serious, illegal, or repeated violations
• Legal Action: Criminal violations, significant damages, or ongoing harm
• Account Deletion: All data may be deleted upon termination
• Financial Liability: You may be liable for damages, legal fees, and remediation costs

7.3 Investigation Process

When investigating potential violations:

1. We will gather relevant information and evidence
2. We may temporarily restrict access during investigation
3. You will be notified of suspected violations (unless legally prohibited)
4. You may provide explanations or context
5. We will make a determination based on evidence and policy
6. You will be informed of the outcome and any actions taken

7.4 Law Enforcement Cooperation

We will cooperate with law enforcement when:

• Required by law or court order
• Necessary to prevent harm or protect safety
• Criminal activity is suspected
• National security concerns arise

8. Reporting Violations

8.1 How to Report

If you become aware of AUP violations, please report them to:

8.2 What to Include in Reports

When reporting violations, please provide:

• Your contact information
• Description of the violation
• Date and time of the incident
• Evidence (screenshots, logs, URLs, etc.)
• Affected users or systems (if known)
• Any other relevant information

8.3 Confidentiality

Reports will be handled confidentially. We will not disclose your identity without your consent, except where required by law.

8.4 No Retaliation

We prohibit retaliation against individuals who report violations in good faith.

9. Client Organization Responsibilities

9.1 User Management

Client organizations must:

• Ensure all users are aware of and comply with this AUP
• Implement appropriate access controls
• Monitor and audit user activity
• Promptly remove access for terminated employees
• Investigate internal violations and take corrective action
• Report serious violations to OSEM Dynamics

9.2 Security Responsibilities

Client organizations are responsible for:

• Maintaining strong passwords and credential security
• Enabling multi-factor authentication (MFA) where available
• Keeping contact information up to date
• Promptly reporting security incidents
• Training users on security best practices
• Complying with security requirements in service agreements

9.3 Liability

Client organizations may be held liable for:

• Violations committed by their users
• Failure to enforce this AUP within their organization
• Negligence in access control or security
• Damages resulting from user misconduct

10. Modifications to This Policy

10.1 Right to Modify

OSEM Dynamics reserves the right to modify this AUP at any time to:

• Address emerging threats or abuse patterns
• Comply with new laws or regulations
• Improve clarity or completeness
• Reflect changes in services or features

10.2 Notification of Changes

Material changes will be communicated via:

• Email notification to administrators
• In-app notifications
• Updates to the "Last Updated" date on this page
• 30-day notice period for significant changes (when possible)

10.3 Continued Use

Continued use of the application after changes take effect constitutes acceptance of the updated AUP.

11. Interpretation and Enforcement

11.1 Good Faith

This AUP will be interpreted and enforced in good faith. We recognize that:

• Not all situations are clearly defined
• Context matters in assessing violations
• Innocent mistakes differ from intentional abuse
• Education and correction are preferable to punishment when appropriate

11.2 Discretion

OSEM Dynamics maintains sole discretion in:

• Interpreting this policy
• Determining whether a violation has occurred
• Deciding appropriate remedial actions
• Granting exceptions or waivers (in writing only)

11.3 Severability

If any provision of this AUP is found to be unenforceable, the remaining provisions remain in full effect.

12. Related Policies and Terms

• Service Level Agreement (SLA) - Performance and uptime commitments
• Terms of Service - General terms and conditions
• Privacy Policy - Data protection and privacy practices
• Security - Security measures and commitments
• Cookie Policy - Cookie usage and tracking

13. Contact Information

---

Effective Date: This policy is effective immediately upon your first use of any OSEM Dynamics application. By continuing to use our services, you acknowledge and agree to this Acceptable Use Policy.