Acceptable Use Policy

This Acceptable Use Policy (“AUP”) sets out the conduct expected of all users of GreyScape.ai (the “Service”), provided by KARRD Services FZCO. It is incorporated by reference into our Terms of Service. Capitalised terms used without definition here have the meaning given to them in the Terms.

Three principles sit behind this AUP: don't break the law, don't harm other users or systems, and don't misuse the AI capabilities. The specific rules below illustrate those principles but are not exhaustive — we reserve the right to act against conduct that clearly violates the spirit of the policy, even if it is not listed explicitly.

1. You must not use the Service to

1.1 Violate applicable law

• Violate any law, regulation, or court order applicable to you, GreyScape.ai, KARRD Services FZCO, our sub-processors, or other users.
• Process personal data in violation of the GDPR, UK GDPR, UAE PDPL, or any other data-protection regime that applies to you.
• Engage in activities that breach export controls, sanctions regimes, or anti-money-laundering laws.
• Distribute or generate content that infringes the intellectual property rights of any third party.

1.2 Harm other users, our systems, or third-party systems

• Attempt to gain unauthorised access to the Service, any account that is not yours, any non-public area of the platform, or any other user's data.
• Probe, scan, or test the vulnerability of the Service except through our coordinated disclosure programme (email [email protected]).
• Interfere with or disrupt the integrity or performance of the Service, including by sending unsolicited traffic, automated scrapers, or denial-of-service payloads.
• Reverse engineer, decompile, or attempt to extract the source code of any part of the Service, except to the extent expressly permitted by applicable law.
• Use the Service to scan, probe, attack, or otherwise interfere with any third-party system without explicit written authorisation from that third party.

1.3 Misuse AI features

• Use the in-product AI advisor (or any AI provider connected through GreyScape.ai) to generate child sexual abuse material, content depicting non-consensual intimate imagery of real people, or content that incites real-world violence.
• Use the Service to coordinate phishing campaigns, fraud, or impersonation of real individuals.
• Use the Service to circumvent another platform's safety controls, content policies, or rate limits, including those of the AI providers whose usage you connect to GreyScape.ai.
• Submit malicious prompts designed to extract personal data, sensitive credentials, or restricted system information from any AI model.

1.4 Misrepresent your relationship to GreyScape.ai

• Hold yourself out as an employee, agent, or partner of GreyScape.ai unless you genuinely are one.
• Use the GreyScape.ai name, logo, or other branding in a way that suggests we endorse your product or service, without our prior written consent.
• Spoof email headers, network identifiers, or user agents to disguise the source of activity on the Service.

1.5 Resell or redistribute the Service

• Resell, sublicense, or otherwise monetise the Service to a third party without our prior written agreement.
• Provide white-label access to the Service such that the end user does not know it is GreyScape.ai.
• Bulk-export GreyScape.ai-curated reference data (such as our vendor or domain catalogues) for use in a competing product.

2. Reporting abuse

If you become aware of activity on the Service that violates this AUP — including phishing attempts, impersonation, malicious workloads, or unauthorised access — please report it to [email protected]. We investigate every report received from a real human in good faith.

3. How we enforce this AUP

For minor or accidental breaches, we usually start with a notification and a chance to remediate. For serious or repeated breaches, including any breach that puts our systems or other users at risk, we may take any one or more of the following actions without prior notice:

• Suspend the workload, API key, or connector responsible.
• Suspend the user account responsible.
• Suspend the tenant workspace responsible.
• Preserve relevant records for use in investigations.
• Cooperate with law enforcement where appropriate or legally required.
• Terminate the Customer's account and access to the Service.

We aim to be transparent about enforcement actions: where we take action against a user or tenant, we contact a relevant administrator explaining what happened and why, except where doing so would compromise an investigation.

4. Contact

Abuse reports: [email protected]. General enquiries: [email protected].