Acceptable Use Policy

ATPetrichor · v1.0

This Acceptable Use Policy (this “AUP”) sets out the conditions of use for the Provider's Token API Platform Services (the “Services”) and is incorporated by reference into the Master Service Agreement (MSA) and the Terms of Service (ToS). All Customers, Users and end-users of the Services shall comply with this AUP.

The Provider acts as a reseller / aggregator of AI model APIs from upstream providers including without limitation OpenAI, Anthropic, Google and Meta (each, an “Upstream Provider”). The Upstream Providers' usage policies (including without limitation the OpenAI Usage Policy, Anthropic Usage Policy / Acceptable Use Policy, and Google AI Acceptable Use Policy) are binding on the Customer. Where this AUP and an Upstream Provider's policy conflict, the stricter applies.

1. Prohibited uses

1.1 Illegal Activity

The Customer shall not use the Services to conduct or assist:

  1. Any activity that violates the laws, regulations or governmental orders of Taiwan, the user's jurisdiction, or the Service jurisdiction;
  2. Infringement of third-party intellectual property, trade secrets, privacy, likeness, reputation or credit rights;
  3. Fraud, money laundering, bribery, market manipulation, insider trading or other economic crimes;
  4. Unauthorized data collection, scraping, or circumvention of anti-scraping measures;
  5. Circumventing the Provider's or any Upstream Provider's content filters, security controls, geo-restrictions or rate limits; or
  6. Use by any individual or entity subject to applicable economic sanctions or embargo / denied-party lists.

1.2 Harm to Persons

The Customer shall not use the Services to:

  1. Harass, intimidate, bully, stalk or defame any person;
  2. Incite violence, suicide, self-harm, eating disorders or substance abuse;
  3. Engage in discrimination or hate speech based on race, ethnicity, nationality, religion, gender, sexual orientation, disability, age or other legally protected characteristic; or
  4. Cause physical or psychological harm to minors (including without limitation child sexual abuse material (CSAM), grooming or trafficking); this item is strictly prohibited.

1.3 Security Attacks

The Customer shall not use the Services to:

  1. Develop, distribute or operate malware, ransomware, spyware, Trojans;
  2. Conduct DDoS, intrusion, unauthorized penetration testing or vulnerability scanning;
  3. Send phishing, social engineering, spam, or unsolicited bulk messages; or
  4. Crack passwords, bypass authentication, steal credentials or session tokens.

1.4 AI-Specific Prohibitions

Given the AI nature of the Services, the Customer shall additionally not:

  1. Generate deepfake impersonations of real persons, especially public figures, politicians or executives, in voice, image or text;
  2. Generate, synthesize or distribute non-consensual intimate imagery (NCII);
  3. Engage in election interference, including without limitation false voting information, manipulating candidate statements or producing deceptive campaign content;
  4. Conduct mass disinformation campaigns, including AI-generated fake news, fabricated medical advice or fabricated financial advice;
  5. Fail to disclose AI usage in customer service, mental health counseling, medical advice or legal advice contexts where end-users may reasonably expect human interaction;
  6. Conduct biometric identification or surveillance, including mass facial recognition, emotion recognition or identity tracking, without explicit legal authorization;
  7. Make automated decisions with significant impact on individuals (including credit, insurance, employment, housing, education, immigration or criminal justice) without offering meaningful human review and appeal mechanisms; or
  8. Train competitive models: use Outputs to train, fine-tune or improve any AI model that is substantially competitive with the Platform or any Upstream Provider, except as expressly permitted in an SOF.

1.5 Service Abuse

The Customer shall not:

  1. Reverse engineer: disassemble, decompile or simulate the Services to obtain technical or commercial details;
  2. Resell: provide the Services to third parties via white-label, sub-account or any reseller arrangement, except as expressly authorized in an SOF;
  3. Evade billing: use multiple accounts to circumvent quotas, share API Keys to evade free-tier limits, or commit purchase fraud;
  4. Disclose benchmarks: publicly publish performance benchmarks, availability tests or vulnerability research without prior written consent of the Provider; or
  5. Excessive consumption: systematically call the Services at maximum quota with no real business need (e.g., 24x7 idle calls), thereby affecting other users.

2. Pass-through of upstream provider policies

The Customer acknowledges that the Provider operates as an aggregator of upstream model providers, and that the following upstream policies are binding on the Customer with the same force as this AUP. The Provider may update referenced versions from time to time:

  1. OpenAI Usage Policies: openai.com/policies/usage-policies
  2. Anthropic Usage Policy / Acceptable Use Policy: anthropic.com/legal/aup
  3. Google AI Acceptable Use Policy (Generative AI Prohibited Use Policy)
  4. Other Upstream Providers: as published in the Provider's console or Pricing List.

If the Customer's breach of an Upstream Provider's policy results in the Provider's suspension, throttling, loss of discount, fines or third-party claims, the Customer shall indemnify the Provider for all resulting losses pursuant to MSA Section 3.2.

3. Customer-side obligations

The Customer is fully responsible for the conduct of its Users and end-users. The Customer shall:

  1. Include AUP-equivalent prohibitions in the Customer's own product terms and disclose the AI nature of the service to end-users;
  2. Establish internal abuse detection, reporting and handling mechanisms;
  3. Safeguard API Keys and immediately rotate any compromised Key;
  4. Adopt heightened protections in contexts involving minors or sensitive populations (e.g., mental health, unsupervised medical use); and
  5. Retain usage logs for incident cooperation (at least six (6) months).

4. Enforcement

4.1 Suspension and Termination

The Provider may, depending on the severity of a violation, take one or more of the following actions:

  1. Verbal or written warning;
  2. Restriction of specific models or features;
  3. Suspension of API Keys or Service access (without prior notice, with follow-up notice);
  4. Termination of this Agreement or the affected SOF (per MSA Section 11); or
  5. Preservation of evidence and notification of relevant authorities where required.

4.2 Emergency Action

Where the Customer's conduct involves child sexual abuse material, terrorism, imminent physical threat, large-scale security attack or an urgent demand from an Upstream Provider, the Provider may without prior notice suspend or terminate the Services, preserve data and notify law enforcement. The Provider shall not be liable for breach in connection with such emergency action.

4.3 Indemnification

If the Customer's breach of this AUP causes third-party claims against the Provider, suspension by an Upstream Provider, fines, reputational harm or other losses, the Customer shall indemnify the Provider for all such losses (including reasonable legal fees and litigation costs). This obligation is excluded from the liability cap under MSA Section 9.4 (and is listed as an exception in the MSA).

5. Reporting

If the Customer or any third party becomes aware of an AUP violation, they may report it through:

The Provider shall maintain the confidentiality of reporters' identities, except where compelled by law to disclose.

6. Miscellaneous

  1. This AUP is incorporated into the MSA and ToS; in case of conflict, the stricter provision applies;
  2. The Provider may update this AUP from time to time, with changes effective 30 days after publication; continued use of the Services constitutes acceptance;
  3. This AUP is non-exhaustive; the Provider reserves the right to address abusive conduct not specifically listed.

Effective date: 2026-06-15 · Version: v1.0