Acceptable Use Policy

1. Purpose and Scope

Welcome to ClickDone. Click Done Limited (“ClickDone”, “we”, “us”, or “our”) provides custom system builds, AI pipeline orchestration, database unifications, and digital consulting. This Acceptable Use Policy (“AUP”) outlines the standards and restrictions governing the use of any websites, systems, client staging portals, database applications, and Large Language Model (LLM) interfaces that we design, host, manage, or provide (collectively, the “Systems”).

This policy applies to all clients, users, employees, contractors, and third parties accessing our Systems. By using our Systems, you agree to comply with this AUP. Non-compliance may result in the immediate suspension or termination of your access to our hosted services without liability.

2. Prohibited System Activities

You agree not to use our Systems to engage in, facilitate, or promote any of the following prohibited behaviors:

• Illegal, Harmful, or Fraudulent Acts: Violating any local, national, or international laws or regulations, including those governing financial fraud, identity theft, child protection, and intellectual property infringement.

• Safety Bypass and Jailbreaking: Bypassing, disabling, or attempting to circumvent the safety filters, system prompt guidelines, moderation barriers, or security controls of our integrated AI systems. This includes prompt injection attacks, adversarial prompt crafting, and reverse-engineering models.

• Model Scraping and Mimicry: Automated scraping, harvesting, or bulk-exporting outputs from our Systems with the intent to train, fine-tune, or validate competing machine learning models or algorithms.

• System Disruption (Malware & DDoS): Uploading, introducing, or executing code containing viruses, Trojan horses, worms, logic bombs, or initiating Denial of Service (DoS/DDoS) attacks against our databases or middleware hosting environments.

3. Data Input Restrictions and Privacy Controls

We implement state-of-the-art database unifications and AI integrations. However, to maintain legal compliance under the UK GDPR, EU GDPR, US state laws (CCPA/CPRA), and the Australian Privacy Act 1988, you must not submit inputs or transfer databases to our standard development or staging environments that contain:

• Protected Health Information (PHI): Any medical, healthcare, or clinical records regulated under HIPAA (Health Insurance Portability and Accountability Act) or international equivalents, unless we have signed a specific Business Associate Agreement (BAA).

• Payment Card Industry Data (PCI): Unencrypted primary account numbers (PAN), CVVs, or cardholder authentication data regulated under PCI-DSS.

• Highly Sensitive Personal Identifiers: Passwords, social security numbers, tax identifiers, or government-issued credentials, unless specifically agreed under isolated, encrypted enterprise Statement of Work parameters.

4. Probabilistic Outputs & Human Verification

Our Systems utilize probabilistic artificial intelligence models (such as LLMs) that predict the most likely subsequent token or action based on training data. As a user of these Systems, you acknowledge and agree that:

• No Factual Guarantees: AI outputs may occasionally contain errors, inaccuracies, or hallucinations. They do not constitute verified facts, professional guidance, or legal advisory declarations.

• Human-in-the-Loop Requirement: You must establish reasonable human review procedures to evaluate and verify the accuracy of all AI-generated outputs, emails, reports, or database scripts before deploying or relying on them in a live commercial or transactional environment.

• Transactional Disclaimers: ClickDone is not liable for operational deficits, pricing mistakes, or customer service errors caused by automated actions or replies generated by the System that deviate from your company policies.

5. Regulatory Alignment and International Laws

ClickDone designs Systems with global compliance in mind:

• European Union (EU AI Act): Users must not employ our Systems for prohibited AI practices defined by the EU AI Act, including subliminal manipulation causing harm, social scoring, or real-time remote biometric identification in public spaces.

• United States (FTC & Section 230): Users must ensure that any customer-facing AI applications built by ClickDone display adequate notices informing users that they are interacting with a machine, in line with FTC guidelines for transparent commercial operations.

6. Enforcement, Audits, and Access Suspension

We monitor our hosted orchestration gateways, log API volumes, and trace database query anomalies to maintain performance and safety bounds. ClickDone reserves the right to:

• Conduct technical compliance reviews and query audits of any client instance violating our System boundaries.

• Suspend or terminate access immediately if we suspect a violation of Section 2 (Prohibited System Activities) or if upstream LLM providers (e.g. OpenAI) flag your account.

7. Reporting Policy Violations

If you discover or suspect that any user of our Systems has violated this Acceptable Use Policy, please report it immediately to our safety and compliance officer using the form below: