Acceptable Use Policy
The Acceptable Use Policy describes the conduct we do not allow on Ultron. It applies to everyone who uses the platform, including paying users, trial users, and anyone calling the API on a customer's behalf. A breach of the AUP is a breach of the Terms of Service and can lead to suspension or termination.
Scope
This policy applies to every action taken through Ultron, regardless of interface. That includes chat sessions, programmatic API calls, agent SDK usage, scheduled automations, and any work delegated to the sandbox. It also applies to content uploaded to your workspace and to outputs you generate and share elsewhere.
If you let other people act through your account or workspace, you are responsible for what they do. You can be suspended for the conduct of someone you authorised, including a teammate, a contractor, or a script you wrote.
Unlawful conduct
You must not use Ultron to commit a crime, to facilitate a crime, or to engage in conduct that is unlawful in the jurisdiction where you operate or where the affected person lives. Examples that we treat as automatic violations:
- Fraud, money laundering, sanctions evasion, or tax evasion.
- Trafficking in persons, child exploitation material, or content that sexualises minors.
- Sale of weapons, controlled substances, or regulated goods to buyers without the required permits.
- Threats of violence, stalking, or coordinated harassment.
- Operating an unlicensed gambling, lending, or insurance service.
Harmful content
You may not use Ultron to generate or distribute material that meaningfully helps someone build a weapon capable of mass harm, including biological, chemical, radiological, nuclear, or large-scale cyber weapons. You may not generate or distribute non-consensual intimate imagery, sexual content involving minors, content that incites violence against an identifiable group, or content that promotes self-harm.
Educational, journalistic, and fictional uses of difficult topics are not the target of this rule. The line is intent and material assistance. A novelist describing a character in distress is not running a self-harm campaign; a marketing flow that pushes a vulnerable user toward harm is.
Deception and manipulation
You may not use Ultron to deceive or manipulate at scale. Examples:
- Impersonating a real person, business, or government entity in a way likely to mislead.
- Generating synthetic audio, video, or images of a real person without consent and presenting it as authentic.
- Running coordinated inauthentic behaviour on social networks, including fake accounts, paid fake reviews, or astroturfing.
- Targeting an individual with deceptive content designed to extract money, credentials, or sensitive data.
- Operating a phishing infrastructure or a scam pipeline.
Plain marketing copy and lead outreach do not violate this rule. The rule targets deception, not persuasion.
Privacy and personal data
Do not use Ultron to scrape, infer, or aggregate personal data about identifiable individuals without a lawful basis and without meeting the rules of the applicable privacy regime. This includes building profiles of people from public sources for surveillance, harassment, or doxxing.
If you process personal data of third parties through Ultron for your business, you are a controller. Sign the Data Processing Addendum, document your legal basis, respect the rights of the data subjects you contact, and honour their requests to stop. We will assist you with data subject requests we receive about your contacts, but the duty to comply with privacy law sits with you.
Security and integrity
Do not interfere with the platform's security, integrity, or normal operation. Specifically:
- No probing, scanning, or testing the vulnerability of Ultron or its providers without prior written authorisation. Authorised testing happens through the responsible disclosure programme.
- No bypassing rate limits, quota enforcement, geographic restrictions, or authentication controls.
- No introducing malware, worms, time bombs, or any code intended to disrupt the service.
- No using the sandbox to mine cryptocurrency, host services for third parties, or run workloads unrelated to skill execution.
- No automated mass account creation. One person, one account.
Intellectual property
Do not use Ultron to infringe a third party's intellectual property rights. This covers copyrighted text, software, images, audio, and video, as well as trademarks and trade secrets. Repeat infringers will lose their account.
Do not use Ultron to scrape sites whose terms forbid scraping, to extract content from paywalls without authorisation, or to train competing models on the Ultron surface.
Platform abuse
You may not use Ultron to attack or abuse other Ultron users, including by mass-messaging from connected providers, by enumerating other workspaces, or by exfiltrating data that does not belong to you. You may not resell the service to third parties without a written reseller agreement. You may not strip the Ultron branding to pass the platform off as your own.
Regulated activities
If your use case is regulated, you are responsible for the compliance of that use case. Specifically:
- Health. Do not use Ultron to provide a diagnosis, a treatment plan, or any output that would constitute the practice of medicine in your jurisdiction.
- Law. Do not provide legal advice tailored to a specific person's case without a qualified human in the loop.
- Finance. Do not provide personalised investment, tax, or credit advice to individuals without the required licence.
- Government and elections. Do not use Ultron to generate, target, or distribute political advertising during election periods in jurisdictions where this requires registration or disclosure.
- Critical infrastructure. Do not use Ultron output to make automated, unattended decisions in the operation of power, water, transport, or telecommunications networks.
High-risk uses
Some uses are not unlawful but require human review at the final step. Examples include hiring decisions, credit decisions, insurance underwriting, and law enforcement screening. If you build a workflow that touches one of these areas, every final decision must be reviewed by a qualified human. Do not deploy Ultron as a final-decision system in any of these areas.
Enforcement
What we do
We monitor for AUP violations through aggregate signals, abuse reports, and explicit detection logic for the most serious categories. When we detect a likely violation, we open an investigation. Where the conduct is severe (for example, child sexual abuse material, weapons of mass harm, or active fraud), we suspend immediately and notify the relevant authority.
For less severe violations, we contact the account owner, describe what we observed, and give a reasonable opportunity to explain or remediate. Decisions to suspend or terminate are reviewed by a human inside our trust and safety function.
Consequences
Depending on severity, consequences include a written warning, rate limit, feature throttle, suspension, or termination. Repeated or severe violations end with permanent termination and a ban on returning under a different identity. Termination for AUP cause does not entitle you to a refund of fees already paid.
Appeal
If you believe a decision was made in error, you can appeal by replying to the notice. Appeals are reviewed by a member of the trust and safety team who was not involved in the original decision.
Reporting
If you see content or conduct on Ultron that violates this policy, write to abuse@51ultron.com with as much detail as you can share. Reports go to the trust and safety team. For child safety concerns specifically, write to child-safety@51ultron.com; that inbox is reviewed continuously.