Acceptable Use Policy (AUP)
Version: 1.0
Last updated: 26 Jan 2026
Applies to: the Arrowdot platform, APIs, SDKs, CLI, and apps published under arrowdot.app
Abuse: [email protected]
Vulnerabilities: [email protected]
1. Use rules
You will comply with law and these rules.
You are responsible for your account, your users, your published apps, and your model/API keys and storage you connect.
2. Prohibited content
Do not upload, generate, or publish content that is:
- Illegal or rights-infringing, including unlicensed copyrighted works, counterfeit goods, or others’ confidential data.
- Exploitative or harmful, including child sexual abuse material, non-consensual intimate imagery, trafficking, threats, or harassment.
- Inciting violence, terrorism, or hate.
- Malware, spyware, or code intended to damage or subvert systems.
- Deceptive deepfakes that impersonate a person or brand without consent or a clear label.
3. Prohibited activities
You may not:
- Attack or probe others’ systems; attempt to bypass auth or rate limits.
- Interfere with or overload the service; scrape at scale without written permission.
- Reverse engineer or attempt to extract platform source or model weights.
- Use the service for high-risk operations where failure could lead to death or injury.
- Use to violate others’ privacy, monitor individuals without consent, or collect personal data without a lawful basis and notice.
- Use the service to build a competing hosted service that replicates core functionality in a confusing way.
4. Models, providers, and BYO keys
If you connect third-party model or API keys, you must follow those providers’ terms and policies.
If you pass personal data to models, you must have a lawful basis and provide required notices to end users.
We may block unsafe prompts, outputs, or provider routes to protect users and the service.
5. Publishing on arrowdot.app
Public projects are opt-in. If you make one public, do not include secrets or personal data.
If your app collects end-user data, you are the controller. Provide your own privacy notice and consent mechanism.
6. Enforcement
We may remove or restrict content, suspend accounts, or disable published apps that breach this AUP or create risk. For escalation, email [email protected].
7. Security research
Good-faith security research is welcome. Do not access customer data, degrade service, or exploit beyond proof. Report promptly to [email protected]. We will not pursue legal action for good-faith, compliant testing.