Acceptable Use Policy
This Acceptable Use Policy explains uses of Ethen that are prohibited or restricted. It applies to prompts, files, outputs, workflows, connected services, voice features, automation, and team workspaces.
Acceptable Use Policy
Ethen is provided for legitimate model work such as drafting, coding assistance, research organization, routing, review, and productivity workflows. This Acceptable Use Policy (“AUP”) sets boundaries that protect people, systems, rights holders, and the integrity of the service. Upcube may update this AUP as risks and product capabilities evolve.
1. General standard
You must use Ethen lawfully, honestly, and in a manner that does not create unreasonable risk of harm. You may not use Ethen to violate law, infringe rights, compromise security, exploit people, or evade safety systems. Organization customers are responsible for their members’ compliance. If you enable automation, connected services, or BYOK routes, you remain responsible for the actions those configurations take. When in doubt about a high-risk use case, do not proceed without qualified review and a documented internal policy. Attempts to circumvent this section through indirect prompting, multi-step workflows, connected-service automation, or coded language are still violations when the intent and likely effect are disallowed. Admins who knowingly enable widespread circumvention in their workspace may face account-level enforcement.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Lawful and non-harmful use is required.
- Admins are responsible for member activity.
- High-risk cases need human review.
2. Illegal activity and fraud
Do not use Ethen to plan, assist, or carry out illegal activity, including fraud, identity theft, financial scams, market manipulation schemes, forgery, or evasion of lawful process. Do not generate materials intended to deceive banks, governments, employers, platforms, or individuals for unlawful gain. Do not use the product to create fake documents presented as authentic official records. Educational discussion of public fraud patterns may be acceptable when clearly framed for defense or awareness and not operational assistance for wrongdoing. Attempts to circumvent this section through indirect prompting, multi-step workflows, connected-service automation, or coded language are still violations when the intent and likely effect are disallowed. Admins who knowingly enable widespread circumvention in their workspace may face account-level enforcement.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- No assistance for illegal schemes.
- No fake official documents for deception.
- Defensive education is different from operational abuse.
3. Abuse, harassment, and exploitation
Do not use Ethen to harass, threaten, stalk, dox, defame, or incite violence against people or groups. Do not generate targeted abuse packs, intimidation content, or sexual content involving minors in any form. Do not create content intended to exploit vulnerable people, including romance scams, predatory social engineering, or coercive deepfake campaigns. Respect dignity and consent, especially when processing images, voice, or personal data about real people. Attempts to circumvent this section through indirect prompting, multi-step workflows, connected-service automation, or coded language are still violations when the intent and likely effect are disallowed. Admins who knowingly enable widespread circumvention in their workspace may face account-level enforcement.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Harassment and threats are prohibited.
- Sexual content involving minors is strictly prohibited.
- Real-person media requires care and rights.
4. Malware and cyber misuse
Do not use Ethen to develop, improve, distribute, or operationalize malware, ransomware, botnets, exploits against systems you do not own or lack authorization to test, or instructions whose primary purpose is unauthorized intrusion. Security research, defensive coding, and authorized testing may be legitimate when scoped to systems you own or are explicitly authorized to assess, and when handled under the AI Use Policy’s dual-use caution. Do not attempt to disable Ethen safety systems, probe other tenants, or attack Upcube infrastructure. Attempts to circumvent this section through indirect prompting, multi-step workflows, connected-service automation, or coded language are still violations when the intent and likely effect are disallowed. Admins who knowingly enable widespread circumvention in their workspace may face account-level enforcement.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Unauthorized offensive cyber activity is prohibited.
- Authorized defensive work requires clear scope.
- Do not attack Upcube or other tenants.
5. Phishing, credential theft, and spam
Do not generate phishing kits, credential harvesting pages, smishing/vishing scripts for abuse, spam campaigns, or bulk unsolicited messages that violate law or platform rules. Do not use connected email, messaging, or browser tools to run unauthorized outreach at scale. Do not collect credentials, session tokens, or multi-factor codes belonging to others. Legitimate security awareness content should be clearly labeled and used only in authorized training contexts. Attempts to circumvent this section through indirect prompting, multi-step workflows, connected-service automation, or coded language are still violations when the intent and likely effect are disallowed. Admins who knowingly enable widespread circumvention in their workspace may face account-level enforcement.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- No phishing or credential theft assistance.
- No unlawful bulk spam.
- Awareness training must be authorized and labeled.
6. Scraping, surveillance, and privacy invasion
Do not use Ethen to run unauthorized scraping that violates law, contracts, or technical access restrictions. Do not build covert surveillance systems targeting people without lawful basis and authorization. Do not attempt to infer sensitive personal attributes about private individuals for harmful profiling. Do not use voice or camera capture to monitor others without appropriate notice and permission. Public-data research still requires respect for robots rules, terms of service, and privacy expectations where applicable. Attempts to circumvent this section through indirect prompting, multi-step workflows, connected-service automation, or coded language are still violations when the intent and likely effect are disallowed. Admins who knowingly enable widespread circumvention in their workspace may face account-level enforcement.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Unauthorized scraping and covert surveillance are restricted.
- Sensitive inference for harm is prohibited.
- Voice/camera capture needs permission.
7. Weapons, violence, and CBRN
Do not use Ethen to provide practical assistance for violent crimes, terrorism, or the development or deployment of chemical, biological, radiological, or nuclear weapons. High-level public-domain discussion for education or news understanding is different from actionable assistance. Upcube may refuse or interrupt requests that seek operational detail for severe harm. Do not attempt to launder prohibited requests through roleplay or coded language.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- No practical assistance for severe violent harm.
- CBRN weapons assistance is prohibited.
- Evasion via roleplay is not allowed.
8. Self-harm and exploitation of minors
Do not use Ethen to promote or provide actionable guidance for suicide, self-harm, or disordered eating behaviors. If you are in crisis, seek local emergency or professional help. Any sexual content, grooming, trafficking, or exploitation involving minors is strictly prohibited, including fictional depictions. Report apparent child sexual exploitation material through appropriate legal channels and published product reporting paths where available. Upcube may preserve and disclose information when required to protect children or comply with law.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- No actionable self-harm assistance.
- Child sexual exploitation content is strictly prohibited.
- Legal reporting obligations may apply.
9. Regulated and high-impact decisions
Do not use Ethen as the sole decision-maker for high-impact outcomes such as medical diagnosis or treatment decisions, legal conclusions, credit or employment determinations, immigration decisions, or safety-critical automated control without qualified human oversight and appropriate regulatory compliance. Model outputs can be wrong. Organizations must apply domain expertise, policy review, and accountability for consequential decisions. See the AI Use Policy for professional advice boundaries.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- High-impact decisions need qualified humans.
- Ethen is not a licensed professional by default.
- Organizational accountability remains with the user.
10. Deceptive content, impersonation, and voice misuse
Do not use Ethen to impersonate real people, brands, or officials in order to deceive. Do not create non-consensual intimate imagery. Do not clone or synthesize a person’s voice without required rights and consent, as described in the Voice Cloning Policy. Political, journalistic, or artistic uses that involve likenesses may still require disclosures, rights clearance, and compliance with election or platform rules. Deepfakes used for fraud, harassment, or reputation attacks are prohibited.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Deceptive impersonation is prohibited.
- Voice cloning requires rights and consent.
- Fraudulent deepfakes are prohibited.
11. Safety bypasses and model abuse
Do not attempt to bypass safety filters, jailbreak systems for disallowed content, or manipulate the product into providing prohibited assistance. Do not share operational jailbreak packs intended to cause widespread policy evasion. Security testing of Ethen itself requires authorization. Unauthorized vulnerability exploitation is prohibited; good-faith reports should follow published vulnerability reporting channels where available. Repeated intentional bypass attempts may lead to suspension.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Jailbreaks for disallowed content are prohibited.
- Unauthorized security exploitation is prohibited.
- Use published channels for vulnerability reports.
12. Workflow and automation abuse
Do not use workflows, agents, browser tools, or connected services to perform prohibited actions at scale, overwhelm third-party systems, or make unauthorized changes to external accounts. Automation must respect rate limits, external terms, approvals, and least privilege. Approval features must not be rubber-stamped for known-harmful actions. Admins should monitor high-risk automations and revoke credentials that are misused.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Automation must follow the same AUP rules.
- Do not overwhelm or abuse external systems.
- Approvals require genuine review for risky actions.
13. Enforcement
Upcube may investigate suspected violations using product logs, reports, and other lawful information. We may remove content, disable features, require corrective action, suspend or terminate accounts, or notify authorities when required or appropriate. We may consider context, severity, intent, and history. Emergency action may occur without prior notice when risk is urgent. To report abuse, use published support or security contact channels and include relevant URLs, timestamps, and descriptions.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Violations can lead to suspension or termination.
- Urgent risks may trigger immediate action.
- Abuse reports should include actionable detail.
14. Reporting and cooperation
Users and admins should report severe abuse, exploitation, or security misuse through published channels. Provide URLs, timestamps, account identifiers if known, and a factual description. Upcube may cooperate with lawful investigations and preserve relevant records when required. Do not destroy evidence subject to legal preservation duties in your organization. False or abusive reports intended to harass others may themselves violate this policy. Good-faith reporters should not be penalized for honest mistakes, but reports must not be used as a weapon against legitimate competitors or critics.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Report severe abuse with actionable detail.
- Legal preservation duties may apply.
- Abusive false reports are prohibited.
- Good-faith reporting is encouraged.
15. Updates to this policy
As model capabilities and misuse techniques evolve, this Acceptable Use Policy may be updated. Continued use after an update means the updated policy applies to subsequent use, except where mandatory law or a signed agreement requires a different process. Material expansions of prohibited categories may be highlighted through product or site notices when practical. Related policies—including Terms, AI Use, Voice, and Security—should be read together so users understand both product expectations and enforcement tools.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- AUP may update as risks evolve.
- Related policies should be read together.
- Notices may highlight material expansions.
How this policy applies
This policy applies to all users, admins, and automated systems acting through an Ethen account. Organization admins should enforce stricter internal rules where needed. Violations may result in content removal, feature limits, suspension, or legal referral where required.
- All surfaces: Console, APIs, workflows, voice, and integrations are covered.
- Human and automated use: Bots and scripts using your credentials must comply.
- Related policies: Read with Terms, AI Use, Privacy, and Security pages.
- Enforcement: Upcube may investigate and restrict abusive activity.
Policy status
This Acceptable Use Policy is published public policy text for Ethen. It defines prohibited and restricted uses without claiming perfect automated enforcement.
- Human + automated enforcement: Controls and reviews may both apply.
- Evolving risks: Policy text may update as misuse patterns change.
- Related policies: Terms, AI Use, and Voice policies add detail.
- No loopholes by omission: Harmful novel abuse may still be restricted.
Not legal advice
These pages explain product and policy posture for Upcube / Ethen. They are not legal advice and do not replace counsel for your jurisdiction, industry, or use case.
Evidence and claim boundaries
This statement describes Ethen’s current posture without making unsupported certification or compliance claims. Configuration, provider selection, and enterprise agreements can change data paths and controls.
- No certification claim: No SOC 2, ISO 27001, HIPAA, or PCI certification is claimed here.
- Provider-dependent behavior: Providers may apply their own terms, logs, and retention.
- Shared responsibility: Customers control keys, members, and integrations they enable.
- Human responsibility: Users remain responsible for prompts, outputs, and approvals.
Related policies
Acceptable use works together with product and safety guidance.
Related policies
- Terms of Service
Account and workspace use rules.
- Privacy Policy
Data categories and user rights.
- Acceptable Use Policy
Prohibited and restricted uses.
- AI Use Policy
Output review and high-impact boundaries.
- Security Statement
Security posture overview.
- BYOK Data Handling
Customer-managed keys and routing.
- Data Retention
Retention categories and deletion.
- Cookie Policy
Cookies and similar technologies.
Frequently asked questions
Can I use Ethen for authorized security testing?
Yes, when limited to systems you own or are explicitly authorized to test, and when you avoid prohibited offensive assistance. Follow the AI Use Policy dual-use guidance.
Does this replace my company’s policy?
No. Organizations should apply stricter internal rules where needed.
What happens if a teammate violates the AUP?
Admins should stop the activity and report serious abuse. Upcube may also suspend access.
Are jailbreaks allowed for research?
Attempts to obtain disallowed content or attack systems without authorization are prohibited. Coordinated disclosure should use published channels.
Acceptable Use Policy · Ethen by Upcube