Acceptable Use Policy
Last updated: May 31, 2026
Document owner: Trust and Safety Lead with Legal and Security review Review cadence: Quarterly; immediate review after abuse trends, incidents, or legal updates Effective date: 2026-05-31 Policy owner / Legal entity: EthicPages, Inc. Registered address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ Primary contact: ethicpages+contact@invictosoft.com
1. Purpose and policy scope
This Acceptable Use Policy ("AUP") sets out permitted and prohibited use of EthicPages, Inc. ("EthicPages," "we," "us") services, including website access, account use, API interactions, AI-assisted document generation, hosted Trust Center pages, and related communication channels (collectively, the "Service").
This policy is incorporated into our Terms of Service. Violations may result in warnings, feature restrictions, suspension, termination, legal reporting, or other remedial action as appropriate to severity and risk.
2. Principles for permitted use
EthicPages is designed to help organizations publish reliable trust and compliance documentation. Permitted use means lawful, responsible, secure, and transparent operation aligned to the Service purpose.
2.1 Permitted use framework
| Principle | What we expect |
|---|---|
| Lawful operation | Use complies with applicable local and international laws |
| Good-faith documentation | Content should accurately represent operational controls and commitments |
| Security responsibility | Users protect credentials and avoid risky behavior |
| Data minimization | Submit only data reasonably necessary for service use |
| Respect for others | No harassment, abuse, fraud, or rights infringement |
3. Who must follow this policy
This policy applies to all users and entities that access or use EthicPages, including:
- account owners and billing administrators;
- invited workspace members and contractors;
- API users and integration maintainers;
- visitors interacting with hosted pages under Customer control.
Customers are responsible for ensuring their users understand and comply with this policy.
4. Prohibited activities
The following activities are prohibited. This table is illustrative and not exhaustive.
4.1 Prohibited activity matrix
| Prohibited activity | Example | Why prohibited |
|---|---|---|
| Unauthorized access | Attempting to bypass authentication or privilege boundaries | Threatens security and confidentiality |
| Malware or exploit delivery | Uploading malicious scripts, payloads, or exploit code | Harms platform integrity and customers |
| Credential abuse | Sharing credentials in insecure channels or account takeover attempts | Increases compromise risk |
| Illegal content use | Using service for unlawful operations, fraud, or sanctions evasion | Violates legal obligations |
| Harassment or abuse | Threatening, stalking, or abusive content in support channels | Violates safety and conduct standards |
| IP infringement | Uploading or publishing material you do not have rights to use | Violates legal rights and platform policy |
| Deceptive compliance claims | Publishing false security/privacy assertions via generated pages | Misleads procurement and regulators |
| Spam and abusive automation | Excessive automated requests that degrade service reliability | Harms availability and fair use |
| Reverse engineering abuse | Attempting to extract non-public internals beyond lawful interoperability rights | Violates contractual and security obligations |
| Data scraping at scale | Harvesting data from hosted pages outside allowed boundaries | Risks privacy, abuse, and operational harm |
4.2 Additional prohibited use cases
- Using EthicPages outputs to impersonate regulators, legal counsel, or certification bodies.
- Submitting data obtained unlawfully or without a valid legal basis.
- Attempting to disable abuse-prevention mechanisms or rate controls.
- Running denial-of-service or resource exhaustion activity.
- Using service content for phishing, scams, or social engineering campaigns.
5. AI content responsibilities
EthicPages may provide AI-assisted generation features for policy and legal-document drafting. AI output can be useful but may be incomplete, outdated, or context-sensitive. Customers are responsible for human review and approval before publication or contractual use.
5.1 Mandatory AI output controls
| Requirement | Customer responsibility |
|---|---|
| Human review | Qualified reviewer validates each material output before release |
| Legal validation | Jurisdiction-specific legal counsel reviews where required |
| Accuracy checks | Claims about certifications, controls, and incident history are verified |
| Data hygiene | Sensitive or unnecessary personal data is not included in prompts |
| Version governance | Approved output versions are tracked and updated when obligations change |
5.2 Prohibited AI usage patterns
| Disallowed behavior | Reason |
|---|---|
| Publishing unreviewed AI output as final legal commitment | High risk of inaccuracy and legal exposure |
| Prompting with confidential third-party data without authorization | Privacy and confidentiality breach risk |
| Using AI output to generate deceptive legal assertions | Fraud and procurement integrity risk |
| Attempting to bypass model safety controls | Security and policy violation |
6. Security and access obligations
Customers must maintain reasonable organizational controls to protect access and prevent misuse.
6.1 Baseline access controls
| Control | Expectation |
|---|---|
| Credential hygiene | Strong, unique passwords and secure storage practices |
| Access governance | Promptly remove access for departed staff and role changes |
| Principle of least privilege | Grant minimum role capabilities required for job duties |
| Incident reporting | Report suspected misuse or compromise without undue delay |
Failure to maintain basic security controls may be treated as policy non-compliance where it materially increases risk to the Service or other customers.
7. Billing, fraud, and payment misuse
Users may not engage in payment fraud, chargeback abuse, stolen payment instrument use, or deceptive subscription practices. Plan use must align with commercial terms and published pricing:
- $17/month
- $132/year
- $750 one-time
- $1,200 lifetime
Billing obligations and remedies are defined in Terms of Service, Billing Terms, and Refund Policy.
7.1 Payment abuse outcomes
| Behavior | Potential response |
|---|---|
| Fraudulent payment attempt | Immediate suspension and risk review |
| Repeated abusive chargebacks | Account restrictions and possible termination |
| Deliberate payment evasion | Termination and possible legal recovery actions |
8. Content standards for hosted trust pages
If you publish Trust Center pages through EthicPages, your content must be clear, accurate, and not misleading. You should not represent controls, certifications, legal guarantees, or service commitments that you cannot substantiate.
8.1 Content integrity requirements
| Requirement | Standard |
|---|---|
| Truthfulness | Statements must be materially accurate |
| Evidence basis | Claims should be supportable by policy, process, or evidence |
| Update discipline | Outdated statements should be corrected promptly |
| Legal compliance | Content must comply with applicable advertising and consumer laws |
9. Monitoring, investigations, and cooperation
EthicPages may monitor platform activity for security, abuse prevention, and policy enforcement. Monitoring is conducted in line with lawful obligations and privacy commitments.
When investigating suspected violations, EthicPages may request additional information, temporarily restrict features, or require remediation actions.
9.1 Investigation workflow
| Investigation phase | Typical activity |
|---|---|
| Detection | Automated or manual signals indicate possible misuse |
| Triage | Risk severity and scope are assessed |
| Containment | Access restrictions may be applied to reduce risk |
| Review | Customer contacted for explanation, evidence, and remediation plan |
| Resolution | Warning, restoration, suspension, termination, or legal escalation |
10. Enforcement and suspension
EthicPages may take proportional action based on severity, recurrence, intent, legal exposure, and impact on platform security.
10.1 Enforcement ladder
| Level | Typical trigger | Potential action |
|---|---|---|
| Level 1 | Minor first-time violation with low risk | Notice and corrective guidance |
| Level 2 | Repeated or moderate-risk violation | Temporary feature restrictions |
| Level 3 | Serious abuse or high-risk behavior | Immediate suspension pending review |
| Level 4 | Confirmed severe, intentional, or unlawful misuse | Termination and possible legal report |
Nothing in this policy limits our right to take immediate action where necessary to prevent harm, protect security, or comply with law.
11. Appeals and remediation
Customers may request reconsideration of enforcement actions by providing factual context and a remediation plan.
11.1 Appeal submission requirements
| Required element | Description |
|---|---|
| Account identifier | Workspace/account used in alleged violation |
| Action challenged | Date and type of enforcement action |
| Factual correction | Evidence that clarifies or disputes findings |
| Remediation plan | Concrete controls to prevent recurrence |
Appeals can be submitted to ethicpages+contact@invictosoft.com with subject "AUP Appeal."
12. Reporting abuse and vulnerabilities
If you identify abuse, policy violations, or security weaknesses, report them promptly.
12.1 Reporting channels
| Report type | Contact |
|---|---|
| Abuse report | ethicpages+contact@invictosoft.com (subject: Abuse Report) |
| Security issue | ethicpages+contact@invictosoft.com (subject: Security Report) |
| Urgent legal concern | ethicpages+contact@invictosoft.com (subject: Urgent Legal) |
Reports should include sufficient detail to investigate, such as timestamps, relevant URLs, user/account identifiers, and supporting evidence.
13. Data protection alignment
Use of the Service must align with Privacy Policy, Cookie Policy, Data Processing Agreement, and Subprocessors. Customers are responsible for ensuring lawful basis and authorization for personal data they upload or process.
13.1 High-risk data handling warning
EthicPages is not intended as a repository for unrelated high-risk personal data. Customers should avoid uploading excessive sensitive information not required for compliance-document workflows.
14. Export controls, sanctions, and regulated use
Users may not use the Service in violation of export control, sanctions, anti-corruption, or trade laws. Prohibited jurisdictions and restricted-party obligations apply as required by law.
EthicPages may suspend or terminate accounts when required for sanctions compliance, legal mandates, or credible evidence of prohibited regulated use.
15. Policy changes
EthicPages may update this AUP to reflect product evolution, legal obligations, abuse patterns, or security requirements. Material updates are communicated through account notices, email, or publication updates. Continued use after effective date constitutes acceptance of updated policy terms, subject to applicable law.
16. Relationship to contractual remedies
This AUP supplements, and does not replace, remedies available under the Terms of Service. Contractual rights regarding suspension, termination, indemnity, and limitation of liability remain in force.
16.1 Related contractual cross-links
| Document | Why it matters |
|---|---|
| Terms of Service | Primary contract, enforcement rights, and dispute terms |
| Privacy Policy | Controller-side handling of personal data |
| Cookie Policy | Tracker and consent handling |
| Data Processing Agreement | Processor obligations for customer data |
| Subprocessors | Vendor transparency and change process |
| Billing Terms | Payment and invoice operations |
| Refund Policy | Refund rights and limitations |
| Service Level Agreement | Uptime and support commitments |
17. Contact
For AUP questions, abuse reports, or enforcement clarifications, contact:
- Email: ethicpages+contact@invictosoft.com
- Postal: EthicPages, Inc., 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Maintaining a safe, trustworthy, and procurement-ready platform requires shared responsibility between EthicPages and every customer organization.