Acceptable Use Policy

This AUP applies to every Customer and Authorised User, and to anyone else who accesses or uses the Service. Customers are responsible for ensuring their Authorised Users and end-users comply.

You must use the Service:

• lawfully and in accordance with all applicable laws, regulations and sanctions regimes;
• in good faith and in a way that respects the rights of others;
• consistent with the Documentation, our published limits and any safety guidance we provide; and
• only for your own legitimate business purposes.

You must not use the Service, or allow any person to use the Service, to:

3.1 Unlawful and harmful activity

• violate any applicable law, regulation, court order or industry rule;
• infringe any third party’s intellectual property, privacy, publicity, confidentiality or contractual rights;
• engage in fraud, deception, phishing, pretexting, impersonation or social engineering;
• launder money, finance terrorism, or evade sanctions, taxes or export controls;
• generate, store or distribute child sexual abuse material, non-consensual intimate imagery, or material that sexualises minors;
• create content intended to incite violence, harass, bully, threaten, dox or stalk any person;
• create content that promotes terrorism, self-harm, eating disorders or suicide;
• develop or operate weapons, including biological, chemical, nuclear or radiological weapons, or to plan or facilitate attacks;
• produce unlawful discriminatory content, or content that promotes hatred against a protected class;

3.2 Service abuse

• circumvent, disable, tamper with or attempt to defeat any authentication, rate-limit, filter, moderation, safety, audit or monitoring feature;
• probe, scan, stress-test or penetrate the Service or its infrastructure without our prior written consent;
• introduce viruses, worms, malware, ransomware, spyware, backdoors, time bombs or any other malicious code;
• scrape, crawl, harvest, mine or otherwise extract data from the Service other than via features expressly provided for that purpose;
• reverse engineer, decompile or attempt to access source code, models, weights, system prompts or training data (except as mandatorily permitted by law);
• resell, sublicense or make the Service available to third parties without our prior written consent;
• share Authorised User credentials or allow multiple individuals to share a single Authorised User seat;
• exceed allocated quotas or use the Service to train, fine-tune, evaluate or benchmark a competing model or product;

3.3 Data and privacy misuse

• upload Customer Data that you are not entitled to upload, or that is unlawful, infringing, harmful, defamatory or obscene;
• submit data relating to individuals without an appropriate lawful basis;
• upload special category personal data (health, biometric, genetic, political, religious, trade-union, sexual orientation, etc.), criminal convictions data, or children’s personal data without our prior written agreement;
• submit full payment card numbers or equivalent PCI-DSS cardholder data;
• submit government-issued identity numbers or documents unless we provide a specific feature for that purpose;
• use the Service to create de-anonymised profiles of individuals or to conduct surveillance;

3.4 Finance and regulated activities

Regulated firms are welcome to use BEYLA internally as a productivity tool. What you must not do is use BEYLA itself, or any Output, as if it were a regulated service. Specifically, you must not:

• present, market or represent BEYLA (or any Output) as being itself an authorised or regulated financial, banking, payment, credit, investment, insurance, legal, tax or other regulated service or provider;
• use the Service as a substitute for obtaining or maintaining any regulatory permissions, authorisations or licences that your own activities require;
• rely on the Service or any Output as the sole basis for a regulated decision, or use any Output in place of the appropriate human oversight, supervision or licensed professional process that applicable law or regulation requires;
• use the Service in breach of applicable sanctions or export-control laws, or to provide or support services to sanctioned persons or in sanctioned territories;

3.5 AI misuse

• use the Service to generate or distribute content that purports to be authored by a real person without their consent;
• create deceptive deepfakes or synthetic media used to defame, defraud or manipulate people;
• automate interaction with third-party services in breach of their terms;
• use the Service to generate malicious code, exploits, spyware or vulnerability payloads;
• use the Service to replace human review where human review is legally or ethically required.

4.1 You must promptly notify us of any suspected breach of security or this AUP by emailing security@beyla.ai.

4.2 If you discover a vulnerability in the Service, please report it responsibly to security@beyla.ai and do not publicly disclose it or exploit it. We welcome good-faith security research conducted in accordance with our responsible disclosure guidelines.

5.1 We may investigate suspected breaches of this AUP. We may also cooperate with law enforcement and regulators.

5.2 If we reasonably believe you have breached this AUP, we may take any action we consider appropriate, including:

• issuing a warning or request for remediation;
• removing, restricting or disabling access to content, features or integrations;
• rate-limiting, throttling or suspending your account;
• terminating your account and the Agreement; and
• reporting activity to law enforcement or regulators where required or appropriate.

5.3 You are liable for losses we, our Affiliates or our other customers suffer as a result of your breach of this AUP.

We may update this AUP from time to time as the Service, technology and risks evolve. The latest version is always available on our website. Material changes will be notified by email or in-product notice.

BEYLA UK LTD — 128 City Road, London, EC1V 2NX, United Kingdom. Email: trust@beyla.ai | Security: security@beyla.ai.