UNCAPT Logo
UNCAPT
Reasoning OS

Acceptable Use Policy (AUP)

Effective: 15-Jul-2024 | Version: 1.0

Publisher: Uncapt Pty Ltd (ACN 641 190 552), Level 4, 83 Mount Street, North Sydney, NSW 2060, Australia

This Acceptable Use Policy (AUP) governs how you may access and use the Uncapt Reasoning Platform, APIs, SDKs, and related services (collectively, the "Services"). It is incorporated by reference into the Online Master Services & Subscription Terms at https://uncapt.com/terms (the "Terms"). Capitalised terms have the meaning in the Terms.

Reporting Violations:

Who this applies to

This AUP applies to:

  • Customers and their personnel, contractors, and consultants using the Services
  • Any third party you allow to access the Services for your benefit
  • Anyone using Uncapt's public or private APIs/SDKs

You are responsible for your users' compliance with this AUP.

Security and integrity

You must not:

  • Access, probe, or scan any Uncapt system without authorisation (no penetration tests, stress/load tests, or vulnerability scans without Uncapt's prior written consent)
  • Bypass or attempt to bypass authentication, authorisation, safety gates, audit trails, rate limits, or technical protections
  • Introduce malware or harmful code, or take any action that degrades, interferes with, or impairs the Services
  • Share credentials or use shared logins; you must enforce strong passwords and MFA where supported
  • Attempt to access another customer's data or any non‑public area of the Services

You must:

  • Keep credentials confidential and promptly revoke access for departing users
  • Use supported SSO/identity integrations where available and apply least‑privilege RBAC
  • Notify Uncapt promptly of suspected account compromise or security incidents involving the Services
Platform and API usage

You must not:

  • Reverse engineer, decompile, disassemble, or attempt to extract source code, model weights, underlying algorithms, schemas, or decision logic (except to the limited extent required by law after giving Uncapt prior written notice)
  • Scrape, copy, or harvest content from the Services except via documented export features or APIs within your licensed scope
  • Build or train a competing product or service using the Services or Outputs, or benchmark the Services for public disclosure without Uncapt's prior written consent
  • Exceed purchased capacity, quotas, or rate limits, or try to circumvent them (e.g., by creating multiple accounts or keys)

You must:

  • Use only documented APIs/SDKs and adhere to published quotas and back‑off guidance
  • Keep your integration keys secure and rotate them if compromise is suspected
  • Observe any environment segregation guidance (e.g., production vs sandbox)
Lawful, respectful, and safe content

You must not use (or allow use of) the Services to:

  • Violate applicable laws or third‑party rights
  • Upload, generate, or facilitate content that is illegal, infringing, fraudulent, deceptive, defamatory, harassing, hateful, discriminatory, or that incites violence
  • Stalk, dox, or invade privacy; collect personal data without lawful basis and proper notice/consent
  • Distribute spam, malware, phishing, or perform social engineering
  • Create deceptive deepfakes or impersonate another person or organisation without clear, lawful disclosure
  • Provide instructions to create weapons, cause physical harm, or commit crimes
  • Infringe intellectual property or moral rights (including unlicensed copying, brand misuse, or removal of notices)

Where laws or policies require it, you must not misrepresent machine‑generated content as human‑authored, and you must follow any required disclosure or labeling obligations in your industry.

Personal data, health data, and regulated information

You are responsible for ensuring you have all required notices, consents, and lawful bases to upload and process Personal Information (and, if applicable, Health Information or other sensitive information) in the Services.

  • Do not input children's data without appropriate parental/guardian consent and safeguards, and never deliberately target children under 16 through the Services.
  • Do not upload cardholder data (PCI), government‑issued identification numbers, or biometric identifiers unless expressly permitted in your Order and protected in line with applicable standards and the DPA.
  • If your Order/SOW and DPA do not cover Health Information or other sensitive categories, you must not process them in the Services.

All processing of Personal Information is governed by the Terms and the DPA at https://uncapt.com/legal/dpa.

Clinical/regulated and high‑risk uses

Unless your Order expressly states otherwise:

  • The Services and Outputs are decision‑support only and are not medical advice or for emergency use
  • You must maintain human‑in‑the‑loop oversight for safety‑critical or clinically material decisions
  • Do not use the Services in ultra‑hazardous or high‑risk activities (e.g., life support, aviation, nuclear operations) where failure could result in death, personal injury, or catastrophic damage
  • You are responsible for any required approvals, certifications, or governance in your industry
Fair use and resource consumption
  • Use the Services within the volumes, throughput, and storage purchased in your Order
  • Do not perform activities designed to artificially inflate usage metrics or evade overage charges
  • Do not run background tasks or polling that creates undue load where not required (use webhooks or recommended patterns where available)

Uncapt may throttle or limit requests that materially impact stability or other customers.

Prohibited reselling and sharing
  • Do not resell, transfer, or sublicense the Services to third parties except as expressly permitted in your Order
  • Contractors may use the Services solely for your benefit and must be bound to obligations at least as protective as the Terms and this AUP
  • Do not provide the Services as a service bureau, managed service, or platform for third parties unless expressly agreed in writing
Export control, sanctions, and local laws
  • You must comply with applicable export control and sanctions laws and must not provide access to embargoed/blocked parties or countries where such access is prohibited
  • You are responsible for ensuring your local use complies with applicable laws and regulations
Limited Use Service package specifics (if purchased)
  • Allowances (users, plan generations, KB searches, support hours) and metering rules are described at https://uncapt.com/legal/limited-use and your Order
  • Unused allowances do not roll over; overage is charged per your Order or the posted rate card
  • Limited Use Service includes light operations/support only; new features/integrations require a change order or SOW
Enforcement

Uncapt may take one or more of the following actions for AUP violations, at its reasonable discretion:

  • Ask you to modify or remove content or to cease prohibited activity
  • Throttle, block, or rate‑limit API calls or features
  • Suspend or restrict access (in whole or part), with or without prior notice in urgent cases
  • Terminate access where violations are severe, repeated, or unlawful
  • Report suspected illegal activity to law enforcement and cooperate with investigations

Uncapt will act proportionately, considering severity, intent, and impact. You are responsible for fees incurred up to the time of suspension/termination.

Reporting

Please include sufficient detail to help us investigate (timestamps, request IDs, screenshots/logs, and a description of impact).

Changes to this AUP

We may update this AUP from time to time. Material changes will be notified (email or in‑product banner) at least 15 days before taking effect and apply at renewal unless you accept earlier (by continued use or a new Order).

Examples (non‑exhaustive)

Prohibited examples include:

  • Running a credential‑stuffing tool against Uncapt endpoints
  • Using botnets or headless browsers to scrape UI pages outside of documented APIs
  • Uploading patient records without lawful basis or without the DPA in place
  • Publishing public benchmarks of the Platform without our prior written consent
  • Generating harassing or hateful content targeting a protected class
  • Attempting to extract prompt templates, ontologies, schemas, or model internals

Allowed examples (with proper licensing and governance):

  • Building internal decision‑support workflows with human review
  • Using APIs to integrate your systems within rate limits and quotas
  • Uploading de‑identified data for research use consistent with the DPA and Terms

Contact

Uncapt Pty Ltd

Level 4, 83 Mount Street, North Sydney, NSW 2060, Australia

info@uncapt.com | https://uncapt.com

Last updated: 15-Jul-2024