This Acceptable Use Policy (“AUP”) sets forth the rules applicable when Client uses any of the Products, Services, or Product Outputs (as defined under the Master Software and Services Agreement / MSSA between the Client and SERA) (collectively, the “Services”). Without limiting the MSSA’s provisions Client’s use of the Services constitutes acceptance of this AUP. Breach of the AUP is governed by the MSSA.

Prohibited Conduct

Client shall not use the Services to:

• Conduct any unlawful activity or produce, share, or facilitate content or Products Outputs that violate applicable laws or regulations.

• Develop, propagate, or enable harmful code.

• Produce or circulate content or Products Outputs designed to deceive, defraud, or misrepresent.

• Encroach on the rights of others, whether those rights relate to intellectual property, personal privacy, or data protection.

• Orchestrate harmful activities across several accounts in order to sidestep detection mechanisms or product controls.

• Evade an access restriction by opening or using an alternate account, or by granting access to any individual or organization whose access was previously revoked.

• Deliberately defeat safety mechanisms, content filters, or operational boundaries related to the use of the Services.

• Leverage any Service inputs or outputs to build, refine, or augment a machine-learning or AI system (sometimes referred to as model scraping or knowledge distillation) without SERA’s prior written consent.

• disassemble, decompile or reverse engineer the Services or any portion of it; Client will not alter, adapt, merge, modify, translate, decompile, develop versions or derivative works, reverse engineer, upgrade, improve or extend, features or functionalities of the Services.

• Use the Services as the basis for developing a rival offering, or redistribute access to the Services, unless SERA’s has given express written approval.

• Conduct benchmarking, competitive analysis, or systematic output evaluation of the Services, or harvest technical details for competitive advantage.

• Run vulnerability scans, penetration tests, or other security assessments against the Services without SERA’s explicit written approval.

• Remove, alter, modify or appropriate any markings included in the Services.

• Upload, input, or otherwise process content through the Services that infringes, misappropriates, or violates any intellectual property, publicity, or privacy right; or disclose or incorporate into prompts any third-party confidential or trade secret information without authorization.

• Input to the Services any confidential information or trade secrets unless adequate technical and organizational measures, access controls, and contractual protections and consents are in place and consistent with the Agreement and obligations towards third-parties.

• Help, enable, or encourage any third party to carry out any of the activities listed above.

Licensing and Technology Use Restrictions

The following conditions supplement the prohibitions above:

• Production and non-production environments for the software must be kept separate unless SERA has provided written permission to combine them.

• Client shall not override, disable, or work around any technical access controls applied by the SERA, and Client must stay within the scope of its licensed entitlements at all times.

• Operating a hosted, managed, or bureau-style service on behalf of third parties using our platform requires SERA express written consent.

• Client must not resell, sublicense, assign, transfer, rent, lease, lend or otherwise distribute the rights acquired under this Agreement, other thans expressly permitted by the Agreement.

AI-Specific Usage Restrictions

The following restrictions apply to every use of the Services:

• Any suggestion, recommendation, or evaluative judgment generated through the Services must be reviewed by a suitably qualified professional before it is acted upon or shared. Client and its organization bear full responsibility for the correctness and fitness of that output.

• The Services are tools intended to support, not to replace, professional expertise. Client remains solely accountable for determining whether any output is appropriate for its particular use case.

Accountability

Client bears full responsibility for how it uses the Services and for every piece of content produced during that use. Any claims brought by third parties in connection with Client’s activities on the Services, whether grounded in intellectual-property infringement, privacy violations, or any other legal theory, are Client’s to address and resolve. By using the Services, Client confirms that it holds or has obtained all rights, licenses, and permissions needed for any material it submits.

Responsible Operations

Client is responsible for: (a) configuring use of the Services consistent with Client’s policies and regulatory obligations; (b) ensuring that human review is applied where appropriate, including for high-risk or consequential uses; and (c) validating outputs for accuracy, completeness, safety, and fitness for purpose before reliance or external dissemination.