Acceptable Use Policy
This Acceptable Use Policy (the "AUP") describes activities that are prohibited when accessing or using the Prove7 platform, products, APIs, software, documentation, and related services (collectively, the "Services") provided by Prove7, Inc. ("Prove7," "we," "us," or "our").
Prove7 builds Continuous Trust Infrastructure for agentic systems — a Governed Execution Layer that measures, transfers, enforces, and proves trust for the AI agents, workflows, and automations an enterprise runs. Because our Services sit in the path of consequential, automated decisions, responsible use is essential. This AUP is incorporated into and forms part of the Terms of Service (or any other written agreement under which you access the Services). Capitalized terms not defined here have the meaning given in the Terms.
On this page
1Scope & who this applies to
This AUP applies to everyone who accesses or uses the Services in any way, including the customer that contracts with Prove7 ("Customer"), its authorized users, and any agent, workflow, automation, integration, or end user acting through the Customer's account. You are responsible for ensuring that anyone who uses the Services through you complies with this AUP. We may use automated and manual means to detect violations, and we may investigate suspected violations and cooperate with law enforcement where appropriate.
2Your responsibility for agents & users
Prove7 governs how AI agents and automated workflows behave; it does not replace your accountability for them. You remain solely responsible for the agents, models, prompts, tools, connectors, and workflows you register, configure, promote, or operate through the Services, and for the actions those systems take and the outputs they produce. Configuring an agent within Prove7, or receiving a trust score, attestation, or "governed" status, does not authorize any use that would otherwise violate this AUP, the Terms, or applicable law.
3Prohibited uses
You must not use the Services — and must not permit any user, agent, or workflow operating through your account to use the Services — to do, enable, facilitate, or encourage any of the following. The categories and examples below are illustrative, not exhaustive.
3.1 Harm people or safety
- Plan, promote, or carry out violence, terrorism, or physical harm to any person or animal;
- Develop, acquire, or deploy weapons, explosives, or other dangerous materials, or provide instructions for creating them;
- Encourage self-harm or suicide, or interfere with critical infrastructure, emergency, or public-safety systems;
- Exploit, endanger, or abuse children, or generate, solicit, or distribute child sexual abuse material (CSAM) or any sexual content involving minors.
3.2 Violate privacy, autonomy, or rights
- Collect, infer, store, or share personal, sensitive, or biometric information without a lawful basis and appropriate consent;
- Conduct unlawful surveillance, tracking, profiling, or scraping of individuals;
- Impersonate a person or organization, or create deceptive synthetic media ("deepfakes") intended to mislead;
- Infringe or misappropriate intellectual property, publicity, or other rights of any third party.
3.3 Deceive, defraud, or manipulate
- Engage in fraud, phishing, social engineering, market manipulation, or other deceptive or predatory schemes;
- Generate or distribute disinformation, fabricated records, fake reviews, or content designed to deceive about its origin or authenticity;
- Manipulate people's decisions through coercive, exploitative, or covertly automated persuasion.
3.4 Discriminate or harass
- Produce or promote hateful, harassing, or extremist content, or content that demeans individuals or groups based on a protected characteristic;
- Deploy automated decisioning (e.g., in hiring, lending, housing, insurance, or benefits) in a manner that unlawfully discriminates against protected groups.
3.5 Break the law or enable abuse
- Violate any applicable law, regulation, sanction, or export control, or facilitate others in doing so;
- Produce malware, ransomware, exploits, or tools intended to gain unauthorized access to systems or data;
- Launder money, evade taxes or regulatory oversight, or produce counterfeit goods, credentials, or documents.
4Platform integrity & security
To protect the Services and other customers, you must not:
- Probe, scan, penetration-test, or attempt to breach the Services or any Prove7 system without our prior written authorization;
- Introduce malware, harmful code, or automated processes that overload, disrupt, or degrade the Services (including denial-of-service or excessive request volumes beyond documented rate limits);
- Reverse engineer, decompile, or attempt to extract source code, model weights, or non-public components of the Services, except to the extent this restriction is prohibited by law;
- Circumvent authentication, access controls, tenancy isolation, usage limits, or billing; or share, resell, or sublicense access except as expressly permitted by your agreement;
- Falsify, tamper with, or attempt to forge audit records, trust assertions, attestations, identities, or telemetry produced or processed by the Services.
5No circumvention of governance
Prove7's value depends on the integrity of the controls it enforces. You must not use the Services to defeat, falsify, or misrepresent governance — for example, by manufacturing misleading evidence of trust, evading enforcement gates or kill switches, mislabeling an ungoverned agent as governed, or presenting Prove7 outputs (scores, attestations, audit trails) in a false or materially misleading way to regulators, customers, auditors, or the public.
6High-risk & regulated uses
If you use the Services in connection with decisions that materially affect individuals' rights, safety, health, finances, employment, or access to essential services, you are responsible for implementing appropriate human oversight, testing, validation, and legal compliance (including under applicable AI, sector, and consumer-protection laws). The Services are not designed or authorized for use as the sole basis of decisions where failure could lead to death, serious bodily injury, or severe environmental or infrastructure damage, unless expressly agreed in writing with appropriate safeguards.
7AI transparency & disclosure
Where required by law or by the context of an interaction, you must clearly disclose when content or decisions are generated or materially assisted by AI — for example, in automated customer interactions, or in regulated professional settings such as healthcare, legal, lending, employment, or financial advice. Disclosure is not a substitute for the substantive requirements above.
8Data & third-party content
You represent that you have all rights, licenses, and permissions necessary for the data, prompts, models, connectors, and content you provide to or process through the Services, and that such use complies with applicable law and any third-party terms. You are responsible for configuring the Services appropriately for the sensitivity of your data, including data classification, retention, and residency settings made available to you.
9Monitoring, enforcement & reporting
We may investigate suspected violations of this AUP and take any action we consider appropriate, including warning you, requiring remediation, throttling, suspending, or terminating access to all or part of the Services, removing offending content or configurations, and notifying or cooperating with authorities. Where practicable and lawful, we will aim to give notice, but we may act immediately without prior notice where we reasonably believe there is a risk of harm, a security threat, a legal requirement, or material disruption to the Services or other customers.
10Changes to this policy
We may update this AUP from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, provide additional notice. Your continued use of the Services after an update takes effect constitutes acceptance of the revised AUP.