Acceptable Use Policy

Effective: 2026-05-22 · Part of the Terms of Service

This Acceptable Use Policy ("AUP") describes activities that are prohibited on Aurelius. Violating this AUP is a material breach of our Terms of Service and grounds for immediate suspension or termination of your account, forfeiture of unused credits, and (where required) referral to law enforcement.

This list is illustrative, not exhaustive. We may suspend accounts for conduct that violates the spirit of these prohibitions even if not explicitly listed. When in doubt, ask before doing.

1. Illegal content & child safety

Zero tolerance: child sexual abuse material (CSAM). Generating, transmitting, requesting, soliciting, or attempting to obtain CSAM in any form, including AI-generated, drawn, animated, simulated, or otherwise stylized, is absolutely prohibited. Accounts found doing this are terminated immediately, all related material is preserved for evidentiary purposes, and we report to the National Center for Missing & Exploited Children (NCMEC) per 18 U.S.C. § 2258A and to law enforcement in your jurisdiction.

You must not use the Service to:

Generate, request, possess, or distribute child sexual abuse material (CSAM), child sexual exploitation material, or any sexualized depiction of a minor, real or AI-generated.
Engage in grooming, sextortion, or other exploitation of minors.
Generate non-consensual intimate imagery (NCII) of any person, including via face-swap, deepfake, or "nudify" techniques applied to real individuals.
Promote, glorify, or facilitate violence against any person or group, including terrorism, mass casualty attacks, or hate crimes.
Engage in stalking, harassment, doxxing, bullying, or intimidation.
Facilitate human trafficking, forced labor, or exploitation.
Generate content that constitutes a true threat to identifiable individuals.
Engage in any activity that violates applicable criminal law in your jurisdiction or in the United States.

2. Malicious software & cybercrime

You must not use the Service to:

Create, modify, distribute, or assist in the creation of malware, ransomware, spyware, rootkits, keyloggers, worms, viruses, trojans, or other malicious code intended to harm computers or users.
Develop or distribute phishing kits, credential harvesters, fake login pages, or impersonation tools targeting real services.
Identify, develop, or exploit zero-day vulnerabilities against systems you do not own or have explicit written authorization to test.
Conduct or facilitate denial-of-service attacks, credential stuffing, account takeovers, SIM-swap fraud, or unauthorized access to any system.
Generate code intended for use in command-and-control infrastructure, exfiltration tooling, or other malicious-actor infrastructure.
Bypass digital rights management, content protection, or device security mechanisms.

Legitimate defensive security work (writing detections, analyzing your own malware samples in isolation, developing patches for your own products, CTF challenges with explicit authorization) is permitted. When in doubt, contact us first.

3. Deception & impersonation

You must not use the Service to:

Impersonate any person, business, or government entity in a way intended to deceive, including deepfakes of real persons made without their explicit consent.
Create deceptive synthetic media (deepfake video/audio) of identifiable individuals without clear AI-generated labelling.
Generate mass political disinformation, fake news content for distribution, fraudulent campaign material, or content intended to manipulate elections.
Generate market-manipulation content, pump-and-dump material, fake reviews, or fake testimonials.
Generate fraudulent academic content (fabricated research, made-up citations passed off as real, ghostwritten dissertations submitted as the user's own).
Mislead users into believing AI-generated content is human-generated where transparency is legally required (e.g., California SB 1001, EU AI Act labeling).
Misrepresent the AI's capabilities, authority, or identity (e.g., presenting Aurelius output as advice from a licensed professional).

4. Privacy violations

You must not use the Service to:

Collect, aggregate, or process personal information about individuals without their consent or another valid lawful basis.
Identify or re-identify anonymized individuals.
Generate dossiers, profiles, or surveillance reports on private individuals.
Process protected health information (PHI) covered by HIPAA without a separate, signed Business Associate Agreement with us (we have none currently, do not submit PHI).
Process payment card data, financial account credentials, government-issued IDs, biometric data, or other sensitive personal data.
Process FERPA-protected education records, classified information, or material under export control without separate written authorization.

5. AI safety prohibitions

You must not use the Service to:

Bypass, disable, or circumvent the safety controls of the underlying models, including via prompt injection, jailbreak prompts, role-playing exploits, or other manipulation.
Extract or attempt to extract our system prompts, configuration, weights, or training data.
Reverse-engineer, decompile, or attempt to discover the source code or underlying algorithms of the Service or underlying models.
Train, fine-tune, distill, or otherwise create a machine-learning model using inputs from or outputs of the Service ("model distillation" or "shadow training"), or use the Service to benchmark, evaluate, or develop a competing AI product.
Generate outputs intended to assist with the creation of chemical, biological, radiological, nuclear, or explosive (CBRNE) weapons or other weapons of mass destruction.
Generate outputs intended to enable critical-infrastructure attacks (power grid, water, financial systems, healthcare delivery).
Automate the use of the Service at scale for the purpose of harm (e.g., automated harassment, mass-produced disinformation, scaled scam-content production).

6. Regulated and high-risk applications

The Service is a general-purpose AI assistant; it is not certified, validated, or licensed for use in any regulated decision-making context. You must not use the Service to make or substantially inform automated decisions producing legal or similarly significant effects on natural persons in the following domains without independent human review:

Healthcare: diagnosis, treatment, triage, or medication decisions affecting real patients.
Legal: advice presented to a client, contract drafting without attorney review, judicial decisions.
Finance: lending, underwriting, credit decisions, investment advice presented to a real client.
Employment: hiring, promotion, termination, or compensation decisions.
Insurance: underwriting, claims adjudication, or pricing.
Housing: tenant screening, eligibility determination.
Education: admissions, grading affecting credentials.
Public benefits: eligibility for government programs.
Criminal justice: risk assessment, sentencing, bail, parole.
Safety of life: any safety-critical or life-safety application where AI error could cause physical harm.

Where you use AI output to inform such decisions, you must (a) have meaningful human review of every individual decision, (b) maintain documentation of the human review, and (c) comply with all applicable laws, including but not limited to the EU AI Act, NYC Local Law 144 (employment), and state-level AI laws.

7. Spam, abuse, and resource integrity

You must not use the Service to:

Send unsolicited bulk email or commercial messages ("spam") in violation of the CAN-SPAM Act, CASL, or similar laws.
Generate SEO spam, link-spam content, or other content intended for search-engine manipulation at scale.
Generate fake reviews, fake user-generated content, or content designed to manipulate ranking algorithms on third-party platforms in violation of those platforms' terms.
Engage in coordinated inauthentic behavior on social media platforms.
Operate multiple accounts to evade rate limits, credit budgets, or suspensions.
Refund-abuse: file chargebacks or refund requests in bad faith.
Scrape, mass-extract, or systematically index the Service or its outputs except as expressly permitted.

8. Sanctions, export controls & restricted jurisdictions

You must not access or use the Service:

From a country subject to comprehensive U.S. sanctions (currently: Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine).
If you are on, or owned 50% or more by persons on, the U.S. Treasury OFAC Specially Designated Nationals list, the U.S. Commerce Department Entity List or Denied Persons List, or analogous lists in other jurisdictions.
To facilitate transactions, payments, or services to sanctioned persons or jurisdictions.
To export, re-export, or transfer items subject to U.S. export controls in violation of those controls.

9. Intellectual property & rights of others

You must not use the Service to:

Infringe copyright, trademark, patent, trade secret, or other intellectual property rights of any third party. Submitting copyrighted material as a prompt without rights to do so, and then publishing the output, is your responsibility, not ours.
Generate content that infringes the right of publicity, the right of privacy, or moral rights of identifiable individuals.
Generate content that breaches a contractual confidentiality obligation you owe to a third party (e.g., processing your employer's trade secrets through the Service without authorization).

10. Reporting violations

If you become aware of a violation of this AUP, your own, another user's, or one involving AI-generated content downstream of the Service, please report it to abuse@[DOMAIN]. We investigate every report. For child-safety concerns, also contact:

NCMEC CyberTipline: report.cybertip.org or 1-800-843-5678 (US)
Internet Watch Foundation: report.iwf.org.uk (UK/global)

11. Consequences of violation

We respond to AUP violations on a sliding scale based on severity and intent. Possible actions include:

Warning, for minor or unintentional first violations.
Content removal, for offending material, with notice to the user.
Account suspension, temporary loss of access pending investigation.
Account termination, for material violations, with forfeiture of unused credits.
Permanent ban, for repeat offenders or single-incident severe violations.
Law enforcement referral, for content or conduct that constitutes a crime, including all child-safety violations, terrorism content, and credible threats of violence.
Civil action, for material harm caused by your violation, we may seek damages, including under the indemnification clause of the Terms of Service.

12. Operator's discretion

Determinations of what violates this AUP are made by the Operator in good faith. Where reasonable and lawful, we will provide notice and an opportunity to cure. Where the violation is severe or ongoing harm is occurring, we may act immediately and provide notice afterwards.

13. Changes

We update this AUP as threats and platform abuse patterns evolve. Material changes are announced by email to active users at least 14 days in advance. Continued use after the effective date constitutes acceptance.

Operator placeholders [LIKE_THIS] must be filled in before publication. This document is a template; not legal advice. Have a lawyer review before publishing.