Acceptable Use Policy (AUP)
AI Form Copilot
Last Updated: [DATE]
Service Provider: [NAME], Individual Entrepreneur, Staniszewskiego 19b, 81-303 Gdynia, Poland
Email: info@webappski.com
1. PURPOSE
This Acceptable Use Policy ("AUP") defines prohibited uses of AI Form Copilot services ("Services"). By using Services, you agree to comply with this AUP, the Terms of Service, and the Data Processing Agreement.
Violation of this AUP may result in:
- Account suspension or termination
- Legal action
- Notification to law enforcement (for illegal activities)
- No refund of fees paid
2. PROHIBITED USES
2.1 Illegal Activities
You shall NOT use Services for:
- Fraud: Phishing, identity theft, financial fraud, credit card fraud
- Hacking: Unauthorized access to systems, networks, or data
- Malware: Distributing viruses, trojans, ransomware, or other malicious code
- Spam: Sending unsolicited bulk emails or messages
- Copyright infringement: Distributing pirated content, plagiarism
- Illegal surveillance: Recording conversations without consent (where required by law)
- Money laundering: Using Services to facilitate illegal financial transactions
- Terrorism: Promoting, planning, or facilitating terrorist activities
- Child exploitation: Any content involving minors in illegal or harmful situations
- Human trafficking: Facilitating illegal human trafficking or slavery
- Illegal drugs: Promoting or selling illegal drugs or controlled substances
- Weapons: Selling illegal weapons or explosives
2.2 Data Protection Violations
You shall NOT:
- Collect personal data without consent (GDPR Article 6 violation)
- Process Special Categories of Personal Data (Article 9) without lawful basis:
  - Racial or ethnic origin
  - Political opinions
  - Religious or philosophical beliefs
  - Trade union membership
  - Genetic data, biometric data
  - Health data
  - Data concerning sex life or sexual orientation
- Target children without compliance:
  - Under 13 (US): COPPA violations (no parental consent)
  - Under 16 (EU): GDPR Article 8 violations (no parental consent)
- Scrape or harvest data without authorization
- Share personal data with unauthorized third parties
- Sell personal data to data brokers or advertisers
- Use Services for profiling or automated decision-making without transparency and opt-out
2.3 Harmful Content
You shall NOT use Services on websites containing:
- Hate speech: Content promoting violence or discrimination based on race, ethnicity, religion, gender, sexual orientation, disability, or nationality
- Harassment or bullying: Intimidating, threatening, or stalking individuals
- Violence or gore: Graphic violent content or extreme gore (exceptions: news, educational contexts)
- Self-harm or suicide promotion: Encouraging self-injury or suicide
- Exploitation: Exploiting vulnerable individuals (elderly, disabled, minors)
- Deceptive practices:
  - Fake products or services
  - Pyramid schemes or multi-level marketing scams
  - False testimonials or reviews
  - Misleading health claims (fake cures, miracle drugs)
- Adult content (conditional):
  - Pornography: PROHIBITED unless you notify us and obtain written approval
  - Escort services: PROHIBITED
  - Sex trafficking: PROHIBITED (illegal activity)
2.4 Technical Abuse
You shall NOT:
- Reverse engineer, decompile, or disassemble the widget or APIs
- Bypass rate limits or technical protections:
  - Using multiple accounts to circumvent limits
  - IP rotation to avoid detection
  - API scraping or automated abuse
- Launch DDoS attacks or attempt to overload our infrastructure
- Attempt to gain unauthorized access to our systems, servers, or databases
- Interfere with other clients' use of Services
- Use Services to test security of third-party systems without authorization
- Extract or copy source code of the widget
- Create derivative works or competing products based on our Services
- Remove or obscure attribution (copyright notices, branding)
2.5 Resale and Unauthorized Distribution
You shall NOT:
- Resell Services without written authorization from us
- Offer Services as white-label or under different branding
- Sub-license Services to third parties
- Distribute widget source code to competitors
- Bundle Services with competing products without disclosure
2.6 Misrepresentation
You shall NOT:
- Impersonate others: False identity, fake company, spoofed emails
- Misrepresent relationship with us: Claiming partnership, endorsement, or affiliation without authorization
- False advertising: Misleading claims about Service capabilities
- Fake reviews or testimonials: Writing fake reviews for compensation
2.7 High-Risk Applications (Without Appropriate Disclaimers)
You shall NOT use Services for high-risk applications unless you provide clear disclaimers:
- Medical diagnosis or treatment (AI is not a doctor; seek professional medical advice)
- Financial advice (AI is not a financial advisor; consult licensed professionals)
- Legal advice (AI is not a lawyer; consult licensed attorney)
- Safety-critical systems (aviation, automotive, industrial control) - NOT RECOMMENDED
- Life-or-death decisions (emergency services, 911 dispatch) - PROHIBITED
If used for informational purposes (e.g., symptom checker), you MUST display prominent disclaimers:
- "This is not medical advice. Consult a healthcare professional."
- "This is for informational purposes only."
2.8 Privacy and Security Abuse
You shall NOT:
- Collect sensitive information via voice without explicit consent and warnings:
  - Passwords, PINs, security codes
  - Government IDs (SSN, passport numbers)
  - Credit card numbers, CVV codes
  - Health records, medical diagnoses
- Fail to educate users about risks of voice input for sensitive data
- Omit data-ai-private attribute on fields you know contain confidential company information
- Disable or obscure Privacy Policy from end users
- Fail to obtain consent for voice input processing
3. REPORTING VIOLATIONS
3.1 How to Report
If you suspect an AUP violation by another client:
- Email: abuse@webappski.com (or info@webappski.com)
- Subject: "AUP Violation Report - [Client Domain]"
- Include: Evidence (screenshots, URLs, timestamps)
3.2 Our Investigation
We will:
- Investigate reported violations within 7 business days
- Notify you of outcome (if you are the reporter)
- Take action if violation confirmed (warning, suspension, or termination)
3.3 False Reports
Do NOT file false reports. If we determine a report is made in bad faith:
- Reporter's account may be suspended
- Legal action may be taken for defamation
4. CONSEQUENCES OF VIOLATION
4.1 Warning (First Offense)
For minor violations:
- Email warning sent
- 7 days to cure violation
- Account remains active
4.2 Suspension (Second Offense or Moderate Violation)
For repeat or moderate violations:
- Account suspended for 30 days
- No access to Services during suspension
- No refund of fees
- Must cure violation before reactivation
4.3 Permanent Termination (Third Offense or Severe Violation)
For severe violations or 3+ offenses:
- Permanent account termination
- All data deleted within 30 days
- No refund of fees
- Blacklisted (cannot create new account)
Immediate Termination (No Warning) for:
- Illegal activities (fraud, hacking, child exploitation)
- GDPR breaches exposing us to liability
- Malware distribution
- DDoS attacks
- Reverse engineering or IP theft
4.4 Legal Action
We reserve the right to:
- Report illegal activities to law enforcement
- Cooperate with investigations (provide logs, data)
- Pursue civil damages for breach of contract
- Seek injunctive relief for IP violations
5. YOUR RESPONSIBILITIES
5.1 Monitor Your Use
You are responsible for:
- Ensuring your website complies with this AUP
- Monitoring content on your website
- Promptly addressing violations
- Training your staff on acceptable use
5.2 Educate End Users
You must educate end users (via Privacy Policy, disclaimers, or UI warnings):
- What NOT to speak (passwords, SSN, credit cards, medical data)
- Data retention (30-day log retention, OpenAI processing)
- Risks (~95% PII detection accuracy, not perfect)
- Consent (obtain consent before enabling voice input)
5.3 Implement Safeguards
You should:
- Use data-ai-private attribute on sensitive fields
- Display disclaimers for high-risk applications
- Obtain parental consent for child-directed content (COPPA, GDPR Article 8)
- Comply with accessibility requirements (WCAG, ADA)
6. CHANGES TO THIS AUP
We may update this AUP with 30 days' notice via:
- Email to your registered address
- Dashboard notification
- Updated AUP posted at https://webappski.com/legal/aup
Continued use after the effective date constitutes acceptance.
7. CONTACT
For AUP Questions:
Email: info@webappski.com
Subject: "AUP Inquiry"
To Report Violations:
Email: abuse@webappski.com
Subject: "AUP Violation Report - [Domain]"
For Legal Matters:
[NAME], Staniszewskiego 19b, 81-303 Gdynia, Poland
APPENDIX: EXAMPLES OF VIOLATIONS
Example 1: GDPR Violation (Immediate Termination)
Scenario: Client collects voice input from users without consent.
Violation: GDPR Article 6 (no lawful basis)
Action: Immediate termination + report to UODO (Polish data protection authority)
Example 2: Illegal Content (Immediate Termination)
Scenario: Client uses widget on website promoting illegal drugs.
Violation: Illegal activity (Section 2.1)
Action: Immediate termination + report to law enforcement
Example 3: Reverse Engineering (Warning → Termination)
Scenario: Client decompiles widget JavaScript to extract source code.
Violation: IP violation (Section 2.4)
Action: Warning, then termination if continues
Example 4: Adult Content Without Approval (Suspension)
Scenario: Client uses widget on pornography website without notifying us.
Violation: Content restriction (Section 2.3)
Action: 30-day suspension, reactivation if client provides age verification + disclaimers
Example 5: Rate Limit Abuse (Warning → Suspension)
Scenario: Client creates 5 free accounts to bypass 100-request limit.
Violation: Technical abuse (Section 2.4)
Action: Warning, all accounts suspended if continues
Example 6: Medical App Without Disclaimers (Warning)
Scenario: Client uses widget for symptom checker without "not medical advice" disclaimer.
Violation: High-risk application (Section 2.7)
Action: Warning + 7 days to add disclaimers
Example 7: Collecting Children's Data (Immediate Termination + Report)
Scenario: Client's website targets children under 13 (US) without COPPA compliance.
Violation: Data protection + illegal activity (Section 2.2)
Action: Immediate termination + report to FTC (US) or UODO (Poland)
BY USING AI FORM COPILOT SERVICES, YOU AGREE TO COMPLY WITH THIS ACCEPTABLE USE POLICY.
Last Updated: [DATE] Version: 1.0