Usage Policy

Effective May 28, 2026

Also referred to as our "Acceptable Use Policy" or "AUP"

Our Usage Policy applies to anyone who can submit inputs to Veesta's products and/or services, including via any authorized resellers or passthrough access, all of whom we refer to as "users." The Usage Policy is intended to help our users stay safe and promote the responsible use of our products and services.

The Usage Policy is categorized according to who can use our products and for what purposes. We will update our policy as our technology and the associated risks evolve or as we learn about unanticipated risks.

Policy Structure:

Universal Usage Standards: Apply to all users and use cases.
High-Risk Use Case Requirements: Apply to specific use cases that pose an elevated risk of harm.
Additional Use Case Guidelines: Apply to certain other use cases, including compliance automation, regulatory monitoring, and enterprise deployments.

Veesta's Trust and Safety Team will implement detection and monitoring to enforce our Usage Policy, so please review this policy carefully before using our products or services. If we learn that you have violated our Usage Policy, we may throttle, suspend, or terminate your access to our products and services. We may also block or modify system outputs when inputs violate our Usage Policy.

If you believe that our system outputs are potentially inaccurate, biased or harmful, please notify us at safety@veesta.co, or report it directly in our product through the feedback features (where available).

This Usage Policy is calibrated to strike an optimal balance between enabling beneficial uses and mitigating potential harms. Veesta may enter into contracts with certain governmental or regulatory customers that tailor use restrictions to that customer's public mission and legal authorities if, in Veesta's judgment, the contractual use restrictions and applicable safeguards are adequate to mitigate the potential harms addressed by this Usage Policy.

Universal Usage Standards

The following standards apply to all users of Veesta's products and services:

Do Not Violate Applicable Laws or Engage in Illegal Activity

You may not use our services to violate any applicable laws, regulations, or legal obligations, or to facilitate, encourage, or enable others to do so. This includes using our services to engage in, promote, or facilitate illegal activities.

Do Not Compromise Critical Infrastructure

You may not use our services in ways that could damage, disable, overburden, or impair critical infrastructure, including but not limited to utilities, transportation systems, healthcare facilities, financial systems, or emergency services.

Do Not Compromise Computer or Network Systems

You may not use our services to develop, distribute, or facilitate malware, viruses, ransomware, or other malicious code. You may not use our services to gain unauthorized access to computer systems, networks, or data, or to circumvent security measures.

Do Not Develop or Design Weapons

You may not use our services to design, develop, or facilitate the creation of weapons, including but not limited to nuclear, biological, chemical, or radiological weapons, or autonomous weapons systems designed to harm humans.

Do Not Incite Violence or Hateful Behavior

You may not use our services to create, promote, or disseminate content that incites violence, promotes terrorism, or advocates hatred or discrimination against individuals or groups based on protected characteristics such as race, ethnicity, national origin, religion, gender, sexual orientation, disability, or age.

Do Not Compromise Privacy or Identity Rights

You may not use our services to violate privacy rights, including collecting, processing, or disclosing personal information without proper authorization or consent. You may not use our services to facilitate identity theft, impersonation, or unauthorized surveillance.

Do Not Compromise Children's Safety

You may not use our services to create, distribute, or facilitate content that exploits, harms, or endangers children. This includes child sexual abuse material (CSAM), grooming, or any content that sexualizes minors.

Do Not Create Psychologically or Emotionally Harmful Content

You may not use our services to create content designed to cause psychological harm, including content that promotes self-harm, suicide, eating disorders, or other dangerous behaviors. You may not use our services to harass, bully, threaten, or intimidate individuals.

Do Not Create or Spread Misinformation

You may not use our services to deliberately create or spread false information that could cause significant harm, including misinformation about public health, safety, elections, or other matters of public concern. This includes deepfakes or synthetic media designed to deceive.

Do Not Undermine Democratic Processes or Engage in Targeted Campaign Activities

You may not use our services to interfere with democratic processes, including voter suppression, election fraud, or manipulation of electoral systems. You may not use our services for targeted political campaigning, lobbying, or astroturfing without proper disclosure.

Do Not Use for Criminal Justice, Censorship, Surveillance, or Prohibited Law Enforcement Purposes

You may not use our services for facial recognition, biometric identification, or predictive policing without appropriate legal authority and safeguards. You may not use our services to facilitate mass surveillance, censorship, or suppression of lawful speech. Use in criminal justice contexts must comply with applicable laws and respect due process rights.

Do Not Engage in Fraudulent, Abusive, or Predatory Practices

You may not use our services to engage in fraud, scams, phishing, or other deceptive practices. You may not use our services to facilitate predatory lending, multi-level marketing schemes, or other exploitative business practices. You may not use our services to manipulate markets or engage in insider trading.

Do Not Abuse our Platform

You may not use our services in ways that violate our Terms of Service, circumvent usage limits, or interfere with the normal operation of our platform. You may not attempt to reverse engineer, decompile, or extract proprietary models or algorithms. You may not resell or redistribute our services without authorization.

Do Not Generate Sexually Explicit Content

You may not use our services to create, distribute, or facilitate sexually explicit content, including pornography or content that sexualizes individuals without consent. This prohibition does not apply to educational, medical, or scientific content with legitimate purposes.

Do Not Misrepresent Compliance Status

You may not use our services to generate false compliance reports, certifications, or attestations. You may not misrepresent the compliance status of systems, products, or organizations. You may not use our services to circumvent regulatory requirements or create misleading audit trails.

High-Risk Use Case Requirements

Some use cases pose an elevated risk of harm because they influence domains that are vital to public welfare, safety, and social equity. For these use cases, given potential risks to individuals and organizations, we believe that relevant human expertise should be integrated and that end-users should be aware when AI has been involved in producing outputs.

For the "High-Risk Use Cases" described below, we require that you implement these additional safety measures:

Human-in-the-loop:

When using our products or services to provide advice, recommendations, or in subjective decision-making directly affecting individuals, organizations, or regulatory outcomes, a qualified professional in that field must review the content or decision prior to dissemination or finalization. You or your organization are responsible for the accuracy and appropriateness of that information.

Disclosure:

If system outputs are presented directly to individuals, organizations, or regulatory bodies, you must disclose that you are using AI to help produce your advice, decisions, or recommendations. This disclosure must be provided at a minimum at the beginning of each session or in documentation accompanying the output.

"High-Risk Use Cases" include:

Legal

Use cases related to legal interpretation, legal guidance, regulatory compliance advice, or decisions with legal implications. This includes generating legal documents, interpreting regulations, or providing compliance recommendations that could affect legal obligations.

Healthcare

Use cases related to healthcare decisions, medical diagnosis, patient care, therapy, mental health, or other medical guidance. Wellness advice (e.g., advice on sleep, stress, nutrition, exercise, etc.) does not fall under this category.

Insurance

Use cases related to health, life, property, disability, or other types of insurance underwriting, claims processing, or coverage decisions.

Finance

Use cases related to financial decisions, including investment advice, loan approvals, credit scoring, and determining financial eligibility or creditworthiness.

Employment and Housing

Use cases related to decisions about the employability of individuals, resume screening, hiring tools, or other employment determinations or decisions regarding eligibility for housing, including leases and home loans.

Academic Testing, Accreditation and Admissions

Use cases related to standardized testing companies that administer school admissions (including evaluating, scoring or ranking prospective students), language proficiency, or professional certification exams; agencies that evaluate and certify educational institutions.

Media or Professional Journalistic Content

Use cases related to using our products or services to automatically generate content and publish it for external consumption without appropriate editorial oversight.

Regulatory Reporting and Compliance Submissions

Use cases related to generating regulatory filings, compliance reports, audit documentation, or submissions to regulatory authorities. All such outputs must be reviewed and validated by qualified compliance professionals before submission.

Critical Infrastructure and Safety Systems

Use cases related to operating, monitoring, or making decisions about critical infrastructure, including utilities, transportation systems, industrial control systems, or safety-critical applications. Human oversight is required for all decisions that could affect public safety.

Additional Use Case Guidelines

The below use cases – regardless of whether they are High-Risk Use Cases – must comply with the additional guidance provided.

Compliance Automation and Monitoring

When using Veesta services for automated compliance monitoring, policy enforcement, or regulatory analysis:

Automated compliance decisions must be subject to human review before enforcement actions are taken
Systems must maintain comprehensive audit trails of all compliance decisions and their rationale
False positives and false negatives must be tracked and reported to improve system accuracy
Users must establish clear escalation procedures for edge cases and ambiguous situations

Enterprise Deployments

Organizations deploying Veesta services in enterprise environments must:

Establish clear governance policies for AI system usage and oversight
Implement appropriate access controls and authentication mechanisms
Maintain documentation of system configurations, customizations, and use cases
Conduct regular reviews of system outputs for accuracy and compliance
Provide appropriate training to users on responsible AI usage and limitations

Regulatory Intelligence and Monitoring

When using Veesta services to monitor regulatory changes or analyze regulatory requirements:

System outputs should be validated against official regulatory sources
Users should maintain subscriptions to official regulatory channels for critical updates
Regulatory interpretations should be reviewed by qualified legal or compliance professionals
Systems should clearly distinguish between regulatory requirements and recommendations

API and Integration Use

When integrating Veesta services via API or embedding them in other applications:

You must disclose to end-users when AI is being used to generate compliance advice or decisions
You must implement appropriate rate limiting and error handling
You must not use our services to build competing compliance infrastructure products without authorization
You must comply with all applicable data protection and privacy requirements

Model Training and Fine-tuning

If you have access to model training or fine-tuning capabilities:

Training data must not include confidential, proprietary, or illegally obtained information
You must have appropriate rights and permissions for all training data used
Fine-tuned models must still comply with all Universal Usage Standards
You must implement appropriate testing and validation before deploying fine-tuned models

Enforcement

Veesta takes violations of this Usage Policy seriously. We employ a combination of automated systems and human review to detect and respond to potential violations.

If we determine that you have violated this Usage Policy, we may take the following actions:

Issue a warning and require corrective action
Temporarily throttle or limit your access to our services
Suspend your account pending investigation
Terminate your access to our services
Report violations to appropriate authorities where required by law

The specific action taken will depend on the severity and nature of the violation, your history of compliance, and whether the violation poses immediate harm.

If you believe your account has been suspended or terminated in error, you may appeal by contacting appeals@veesta.co with a detailed explanation.

Reporting Violations

If you become aware of potential violations of this Usage Policy by other users, or if you encounter harmful or inappropriate outputs from our systems, please report them to us.

Report violations to:

Safety concerns: safety@veesta.co
Abuse or misuse: abuse@veesta.co
Security vulnerabilities: security@veesta.co

We take all reports seriously and will investigate them promptly. We may not be able to provide detailed information about the outcome of investigations due to privacy considerations.

Changes to This Policy

We may update this Usage Policy from time to time as our technology evolves, new risks emerge, or regulatory requirements change. We will notify users of material changes through:

Email notification to registered users
Prominent notice in our product interface
Updates to our website and documentation

Continued use of our services after changes to this Usage Policy constitutes acceptance of the updated policy. If you do not agree with the changes, you should discontinue use of our services.

Previous versions of this Usage Policy will be archived and available upon request.

Interpretation and Scope

This Usage Policy should be read in conjunction with our Terms of Service, Privacy Policy, and any other applicable agreements. In the event of a conflict, the Terms of Service will govern.

This Usage Policy applies to all users of Veesta services, including:

Direct customers accessing our services through our platform
Users accessing our services through authorized resellers or partners
Developers integrating our services via API
Enterprise customers with custom deployment agreements
End-users of applications that incorporate our services

If you are using our services on behalf of an organization, you represent that you have the authority to bind that organization to this Usage Policy, and references to "you" include both you and that organization.

Contact

If you have questions about this Usage Policy or need clarification about whether a specific use case is permitted, please contact us:

Veesta Trust and Safety Team

Email: policy@veesta.co

For enterprise customers: Please use your designated support channels for policy inquiries.

Our Commitment to Responsible AI

At Veesta, we believe that powerful AI systems must be built and deployed responsibly. This Usage Policy reflects our commitment to ensuring that our compliance infrastructure services are used in ways that benefit society while minimizing potential harms.

We recognize that compliance and safety are not static goals—they require continuous vigilance, adaptation, and collaboration. We are committed to:

Regularly updating our policies based on emerging risks and learnings
Investing in safety research and responsible AI practices
Collaborating with regulators, researchers, and industry partners
Listening to feedback from our users and the broader community
Holding ourselves accountable to the same standards we help others achieve

We welcome your partnership in building AI systems that are not only powerful and efficient, but also safe, fair, and aligned with human values.